l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 15: Scratch: programming for children and other not-yet-programmers
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:07

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Firewall question...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Firewall question...



On Thu, Jul 05, 2001 at 11:48:17AM -0700, Doug Barbieri wrote:
> Thanks Henry for getting back to me. I implemented a change similar to
> yours, but I still notice that if I try to access the domain in question
> (www.jeffmcnurlin.com) from inside my work's firewall, those UDP requests
> are DENYed, because for some reason my site is being contacted via ports
> numbered *below* 1024. It seems that those are the only DENYed packets
> that I notice in my messages log for port 53.

I'm confused here. Are you running your own DNS server? Remote hosts should
trying to nslookup your name will contact your nameserver, not the box
running the web browser.

> My question is this: is this just a broken NT nslookup thing, or should I
> expect other sites to attempt to connect to me from ports > 1024 to my
> port 53?

Unless you are running a server there is no need for machines other that your
local DNS servers to contact you on any port. Nameserver replies should
arrive on unprivaledged ports. (Can anyone confirm this? My knowledge is
shaky here.)

> BTW: Could anyone else please see if you can do an nslookup on
> www.jeffmcnurlin.com? I just want to know that it can be resolved from as
> many other sites as possible. This domain belongs to my brother-in-law and
> he has his resume and portfolio posted, so I want to make sure that
> recruiters can access his site.

I have done so, and got: 

	Server:         198.93.80.101
	Address:        198.93.80.101#53

	Non-authoritative answer:
	www.jeffmcnurlin.com    canonical name = solo.trug.com.
	solo.trug.com   canonical name = trug.com.
	Name:   trug.com
	Address: 216.102.106.223

-- 
Henry House
OpenPGP key available from http://romana.hajhouse.org/hajhouse.asc

Attachment: pgp00003.pgp
Description: PGP signature



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.