Open Source and information security mailing list archives
 
Message-ID: <3587D6FDF44881459313970A8DE75A81015FF4DF@exchange.quadrasis.com>
From: David.Cushing at hitachisoftware.com (Cushing, David)
Subject: SQL Slammer - lessons learned

> * pauls@...allas.edu (Paul Schmehl) [Wed 05 Feb 2003, 16:57 CET]:
> > No, you wouldn't, because DNS servers talk on port 53, and they wouldn't
> > negotiate port 1434 because it's reserved for SQL.
> 
> Please learn how the Internet works.  BIND8 and up don't use 53 as
> source for outgoing queries anymore by default; you can override
> this in named.conf with .....

Perhaps everyone should start indicating whether they are talking
about source or destination ports.

Paul was talking about the destination port that the server was 
listening on, which will always be 53 for a DNS server.  The only 
DNS server that will accept a packet on UDP 1434 is a customized 
one.

You are talking about the source port used when making queries.  
The source port is not part of the specification, so cannot be 
counted on for anything.  Assume it to be random.  

For all you simpletons who don't know how the internet works, 
Niels forgot to send you a link :)

http://www.ietf.org/rfc/rfc1035.txt
4.2 - Transport

-David
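
Added example, not part of the original message: the source/destination distinction above, applied to filtering UDP 1434. It shows a stateless "drop destination port 1434" rule also dropping a DNS reply whose query happened to leave from source port 1434, while a filter that tracks outbound flows lets that reply in and still drops unsolicited traffic. The addresses (documentation ranges), packets and function names are constructed for illustration.

```python
import struct

DNS_PORT, SQL_PORT = 53, 1434

def udp_datagram(src_port, dst_port, payload=b""):
    """Build an 8-byte UDP header (checksum left at 0) followed by payload."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload

def ports(datagram):
    """Return (source_port, destination_port) from a raw UDP datagram."""
    return struct.unpack("!HH", datagram[:4])

def stateless_drop(datagram):
    """Naive rule: drop every inbound datagram whose destination port is 1434."""
    return ports(datagram)[1] == SQL_PORT

class StatefulFilter:
    """Allow inbound UDP only as the reverse of a flow opened from inside."""
    def __init__(self):
        self.flows = set()

    def outbound(self, local_ip, remote_ip, datagram):
        sport, dport = ports(datagram)
        # Remember the tuple the reply is expected to carry.
        self.flows.add((remote_ip, dport, local_ip, sport))

    def inbound_drop(self, remote_ip, local_ip, datagram):
        sport, dport = ports(datagram)
        return (remote_ip, sport, local_ip, dport) not in self.flows

def demo():
    # Constructed sample traffic; all hosts are hypothetical.
    resolver, server, stranger = "192.0.2.10", "198.51.100.53", "203.0.113.7"
    query = udp_datagram(1434, DNS_PORT)   # resolver's source port happened to be 1434
    reply = udp_datagram(DNS_PORT, 1434)   # server answers back to that port
    unsolicited = udp_datagram(40000, SQL_PORT, b"placeholder")
    fw = StatefulFilter()
    fw.outbound(resolver, server, query)
    return {
        "stateless_drops_reply": stateless_drop(reply),
        "stateless_drops_unsolicited": stateless_drop(unsolicited),
        "stateful_drops_reply": fw.inbound_drop(server, resolver, reply),
        "stateful_drops_unsolicited": fw.inbound_drop(stranger, resolver, unsolicited),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```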
