DNS uses udp/53 for queries and tcp/53 for zone transfers. tcp/53 is used for queries too if it exceeds 512 bytes. M$ Windows uses tcp and udp for queries, without looking at the size, so for mswin to work, you need to open both ports.

Be extremely careful if you are natting the DNS server.

On Thu, 2004-01-29 at 12:25, David C. Hart wrote:
> I am terribly confused about what I need to accept and reject and the
> associated IPTables rules for Bind to work properly without exposing our
> server to exploits. Right now, I'm pretty much accepting all traffic to
> and from port 53 and that's "probably" not a good thing. I'm running
> IPtables on the same machine running Bind.
>
> Can someone point me in the right direction?
>
> Thanks.
> ---------
> Quality Management - A Commitment to Excellence

--
Alexis <alexis@xxxxxxxxxxxx>
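
The port layout described in the reply, written out as stateful rules for a host that runs both BIND and iptables (an added example, not part of the original thread). It assumes a default DROP policy on INPUT and OUTPUT, and the addresses in `SECONDARIES` are constructed documentation addresses; the script only prints commands and applies nothing.

```shell
#!/bin/sh
# Added example: prints iptables commands and a named.conf fragment; applies nothing.
# Assumptions: default policy DROP on INPUT and OUTPUT, BIND and iptables on the
# same host, and SECONDARIES holding constructed documentation addresses.
SECONDARIES="${SECONDARIES:-192.0.2.53 198.51.100.53}"

dns_rules() {
    # Packets of already-tracked flows: answers to our own lookups, and our
    # answers to clients whose query was accepted as NEW.
    for chain in INPUT OUTPUT; do
        echo "iptables -A $chain -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    done
    # New inbound queries (INPUT) and new outbound lookups by named (OUTPUT).
    for chain in INPUT OUTPUT; do
        echo "iptables -A $chain -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
        # TCP carries zone transfers and answers over 512 bytes; only a SYN may open a flow.
        echo "iptables -A $chain -p tcp --syn --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    done
}

transfer_acl() {
    # A port filter cannot tell a zone transfer from a TCP query, so the
    # transfer restriction belongs in named.conf (options or zone block).
    printf 'allow-transfer {'
    for ip in $SECONDARIES; do printf ' %s;' "$ip"; done
    printf ' };\n'
}

dns_rules
transfer_acl
```

Review the printed commands before running them as root; the `allow-transfer` line goes into named.conf, not into the firewall.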