Question to the list

From: Jerry Pasker-Systems Admin.
Date: Wednesday, April 26, 2000
Time: 12:43:56 pm

Can anyone think of a reason to allow any TCP access on my QDNS server? I
was thinking of blocking all TCP at my border router, since no zone
transfers go off my local area network. A SYN flood to port 53 isn't
healthy to QDNS Pro. And my QDNS Pro server has been crashing randomly
during the past several months. It'll be fine for weeks, and then go down
20 times in a couple of hours. My instincts tell me that it's a hacker
attack (some script kiddie trying to install a root-kit on my iMac? ;-)

A SYN flood to TCP port 53 is handled quite well during the attack, but is
followed up (about 30 minutes to 1 hour later) by a severe Mac-locking
crash.

I realize that I need port 53 UDP open to the world, but do any modern
resolvers use TCP and not UDP to do DNS lookups to other DNS servers?




