[Dshield] UDP blocking

William Sipila william at osource.com
Thu Mar 14 21:10:12 GMT 2002

hi everyone,

sorry if this is a silly question, but i have a server with outside a
firewall (i know, i know), and i only opened a few necessary TCP ports and i
closed off all UDP ports.  now when i'm on the server, i can't surf outbound
unless i use IP addresses.  do DNS responses come over UDP?  is so what port
should i open back up?  i thought they would've just come back in over the
HTTP channel, but apparently not.

on the same note... is that overkill?  (is there such a thing in net
security?  :)  do i/should i really be blocking all UDP ports?  i just
wanted to make sure the server would remain safe...


	- will

    Developer/SysAdmin, OUTSOURCE Consulting Services, Inc. 
    william at osource.com | www.osource.com 

More information about the list mailing list