Date: Wed, 17 Jul 2002 15:37:06 +0200 (CEST) From: Sabri Berisha <sabri@cluecentral.net> To: "Carroll, D. (Danny)" <Danny.Carroll@mail.ing.nl> Cc: Bart Matthaei <bart@dreamflow.nl>, <security@freebsd.org> Subject: RE: ipfw and it's glory... Message-ID: <20020717153409.Y86012-100000@doos.cluecentral.net> In-Reply-To: <6C506EA550443D44A061432F1E92EA4C6C5364@ing.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 Jul 2002, Carroll, D. (Danny) wrote: > :How about DNS? You send out a query from an high udp port to a dns > :server's port 53. It will send you an udp packet to that high port. > > But it's source port will be 53. So you can put in a rule for that. > Plus it's only 1 or 2 servers so you can put in special rules for them. Unless you run a local dnscache (which I would do). -- Sabri Berisha - www.megabit.nl - "I route, therefore you are" - http://www.fordreallysucks.com/more_info.html - 'that particular feeding of Martijn Bevelander, notorious spammer and whiney repeat-posting troll, was almost a work of art.' (nanae) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020717153409.Y86012-100000>