[dns-operations] Shameless plug for our Zonecheck software (Was: af.mil DNS issue

Joe Abley jabley at ca.afilias.info
Tue Jul 4 02:07:51 UTC 2006


On 3-Jul-2006, at 20:56, Joseph S D Yao wrote:

> On Sat, Jul 01, 2006 at 10:55:20PM -0400, Joe Abley wrote:
> ...
>> Cool. I hadn't actually heard of anybody blocking 53/tcp on purpose,
>> with full knowledge of the implications before. I have some  
>> questions!
> ...
>
>
> Yes.  It's done very often because most people don't understand  
> that DNS
> queries are carried on both TCP port 53 and UDP port 53.  This is a  
> FAQ
> in some firewall FAQ lists.

I realise it's often done unintentionally, without full knowledge of  
the implications. Hence my qualification above, in the text you quoted.


Joe




More information about the dns-operations mailing list