[dns-operations] DNS Issue
Edward Lewis
ed.lewis at neustar.biz
Mon Apr 29 18:46:36 UTC 2013
On Apr 26, 2013, at 8:24, Cihan SUBASI (GARANTI TEKNOLOJI) wrote:
> Hi,
>
> Also can someone explain why tcp53 should be allowed on the firewalls if dns is behind a firewall?
>
In addition to other already posted reasons, TCP isn't susceptible to reflection attacks. (FWIW.)
> And why auditors do not like tcp53 open to public?
Can't read their minds, but, well, the auditor has at least been misinformed on how DNS works.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar You can leave a voice message at +1-571-434-5468
There are no answers - just tradeoffs, decisions, and responses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130429/a117439a/attachment.html>
More information about the dns-operations
mailing list