Re: Problems with QuickDNS Pro 3.0.1

From: Men & Mice Support
Date: Monday, February 12, 2001
Time: 10:26:59 pm

>Why did I do this? Because I know/knew that my versions of QuickDNS were
>susceptible to TCP DoS attacks, and I also didn't believe any of the
>superstition that a UDP only DNS server wouldn't work. As far as I could
>tell, no one who ever said "Oh no!! You can't do that!! You need TCP in
>case a UDP lookup fails!" had actually TRIED it.

The only times you should expect to receive DNS queries on the TCP port are:

- when the UDP answer fails to reach its destination,
- when one single UDP packet can't hold the entire response, or
- when the query is sent from the Un*x dig command.

So, if you have plenty of bandwidth, and if you don't have a large
quantity of records for any given name in your zones, blocking this
port shouldn't affect normal DNS traffic.
____________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com We Make DNS Easy!
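
Added example, not part of the original message: a Python sketch of the second case in the list above, showing how many A records for one name fit in a single UDP response before the TC (truncated) bit is set and the resolver must retry over TCP. It assumes the classic 512-byte UDP limit from RFC 1035 with no EDNS0, and a simplified server that drops answers until the message fits; the function names and the 192.0.2.x addresses are constructed for illustration.

```python
import struct

UDP_LIMIT = 512  # classic DNS-over-UDP message limit (RFC 1035); no EDNS0 assumed

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_response(name, addresses, limit=UDP_LIMIT):
    """Build an A-record response; drop answers and set TC if it exceeds limit."""
    question = encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    answers = []
    for addr in addresses:
        rdata = bytes(int(octet) for octet in addr.split("."))
        # 0xC00C is a compression pointer to the question name at offset 12
        answers.append(struct.pack("!HHHIH", 0xC00C, 1, 1, 3600, 4) + rdata)
    flags = 0x8400  # QR=1 (response), AA=1 (authoritative)
    while 12 + len(question) + sum(map(len, answers)) > limit:
        answers.pop()    # simplified truncation policy (assumption)
        flags |= 0x0200  # TC bit: tells the client to retry over TCP
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, len(answers), 0, 0)
    return header + question + b"".join(answers)

def is_truncated(message):
    """Return True if the TC bit is set in a DNS message header."""
    flags = struct.unpack("!H", message[2:4])[0]
    return bool(flags & 0x0200)

def needs_tcp(name, addresses):
    """True if this record set cannot be served over UDP alone."""
    return is_truncated(build_response(name, addresses))

def sample_addresses(count):
    """Constructed sample data: addresses from the 192.0.2.0/24 test range."""
    return [f"192.0.2.{i}" for i in range(1, count + 1)]

if __name__ == "__main__":
    for count in (4, 29, 30):
        verdict = needs_tcp("www.example.com", sample_addresses(count))
        print(f"{count:2d} A records -> TCP retry needed: {verdict}")
```

Running the same size check over the record sets in your own zones shows which names would stop resolving fully if TCP port 53 were blocked.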
