lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <014001c31584$92ba38d0$3264a8c0@local>
From: hggdh at attbi.com (hggdh)
Subject: Fw: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte PIX limit

FYI. Any ideas?
----- Original Message ----- 
From: "DeAvillez, Carlos" <Carlos_DeAvillez@...rcomm.com>
To: <hggdh@...bi.com>
Sent: Thursday, May 08, 2003 12:08
Subject: FW: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte
PIX limit


>
>
> -----Original Message-----
> From: DeAvillez, Carlos
> Sent: Thursday, May 08, 2003 12:02
> To: 'hddgh@...bi.com'
> Subject: FW: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512
> byte PIX limit
>
>
>
>
> -----Original Message-----
> From: Loucks, Jason [mailto:loucks@...MPROD.COM]
> Sent: Thursday, May 08, 2003 08:59
> To: NTBUGTRAQ@...TSERV.NTBUGTRAQ.COM
> Subject: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte
> PIX limit
>
>
> We recently upgraded our DNS servers to Win 2003.  After this time, it
> became apparent that we are unable to send email to some domains which
> had been working fine before.
>
>
>
> After much investigation as to why it "suddenly" stopped working, we
> determined that Win 2003 requests everything but the kitchen cupboard in
> its DNS requests,  apparently using RFC 2671 to specify the ability to
> accept >512 byte UDP replies.
>
>
>
> We are running the latest version (6.3.1) on our Cisco PIX and it
> appears that there is hard limit of 512 bytes on ANY UDP packets
> arriving on port 53.  Everything exceeding that is dropped.
>
>
>
> Has anyone else seen this problem?
>
>
>
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
> Delivery co-sponsored by IP3 Inc.
>
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
> SECURITY QUESTIONS? We've got answers...Apply for a scholarship and become
> TICSA certified.
>
> Do not miss your opportunity to discover solutions to what our
participants
> have identified as their top 5 IT Security Challenges. You will return to
> work better prepared to put into place an effective security strategy
> utilizing the latest security tools, bookmarks and URL's.
>
> <http://www.ip3seminars.com>
>
>
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ