lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040603160640.GA58170@pc5.i.0x5.de>
From: list at rachinsky.de (Nicolas Rachinsky)
Subject: Strange TCP/IP DNS traffic

* Shachar Shemesh <fulldisc@....consumer.org.il> [2004-06-03 17:35 +0300]:
> The outbound traffic is not generated by the local bind installation, 
> which was asked to bind to port 53 for outbound traffic. Also, 

man named.conf:
  Query Address
     If the server doesn't know the answer to a question, it will query other
     nameservers.  query-source specifies the address and port used for such
     queries.  If address is * or is omitted, a wildcard IP address (
     INADDR_ANY) will be used.  If port is * or is omitted, a random unprivi-
     leged port will be used.  The default is
           query-source address * port *;

     Note: query-source currently applies only to UDP queries; TCP queries
     always use a wildcard IP address and a random unprivileged port.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ