[Dshield] UDP blocking

Neil Richardson neilr at ieee.org
Thu Mar 14 22:17:14 GMT 2002


At 01:10 PM 3/14/2002, you wrote:
>now when i'm on the server, i can't surf outbound unless i use IP addresses.

    My first thought would be: is your firewall set to block DNS queries 
from outside your network?



>do DNS responses come over UDP?

    I didn't think so, but if I'm reading my \windows\services. file 
correctly, then nameserver queries are done on port 42, both TCP and 
UDP--so I guess the answer is "Yes."



>on the same note... is that overkill?  (is there such a thing in net
>security?)

    At the point your users can't log in, yes, it's overkill.  :-]



>do i/should i really be blocking all UDP ports?

    I'm not a professional SysAdmin, so I'll leave that question to those 
who are.


-Neil R.

-- 
Supreme Lord High Commander and Keeper of the Holy Potato
----------
Random thought for the day:

    VWL compression scheme: wht d y thnk?




