Per the original note - this was a scan of an external firewall. There is no reason for udp/53 to be open unless this is a stateless firewall (doubtful per the scan). Internal clients would be coming through the internal interface of the firewall and udp/53 would need to be opened on that interface not the external interface. But to be quite frank - I am shocked how many people are weighing in on what "needs to be opened" without knowing one single requirement. He asked an opinion on a couple of ports. What is opened or not depends upon that companies architecture and how they have things deployed. He needs to work with those folks to determine what is valid or not. t.s > I would agree that port 53 UDP needs to be open. Port 53 TCP does not > unless you are doing large DNS zone transfers. > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Are you using SPI, Watchfire or WhiteHat? > Consider getting clear vision with Cenzic > See HOW Now with our 20/20 program! > > http://www.cenzic.com/c/2020 > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: listening to people/offices when on-hold on the phone, Joel Eusebio |
|---|---|
| Next by Date: | Re: Security and VPN, Sat Jagat Singh |
| Previous by Thread: | Re: Re: Strange ports, brian . marino |
| Next by Thread: | Re: Re: Strange ports, R. DuFresne |
| Indexes: | [Date] [Thread] [Top] [All Lists] |