On Tue, Apr 04, 2000 at 07:04:10PM -0400, john scroggins wrote:
[Long description]
Bottom line is how can some one access my firewall/masq machine when
Thanks for the response Frank, I might want to clarify, I do not run DNS as a service. I do not have bind installed. I was speaking of allowing my ISP's nameserver access to my internal network. All my machines use the ISP's NS for IP addy resolution. I had snort reportting .. "Source Port Attack --- From ns1.<ISPname>.net to 192.168.1.4 (one of my internal network boxes) My question is, can someone spoof my ISP's namserver addy to gain access to my network? If so, how can I filter the packet or verify the contents and deny access. John @ DataEFX -----Original Message----- From: Frank Derichsweiler <fd-l-s-s@daidalos.informatik.unibw-muenchen.de> To: dataefx@earthlink.net <dataefx@earthlink.net> Date: Tuesday, April 04, 2000 11:20 PM Subject: Re: [suse-security] DNS spoofing there
are no open ports, the only traffic allow back into the network is the masq'd packets and DNS?
Hi John,
Maybe this is a stupid question, but .... Have you installed the security patches for 6.3? AFAIK there were some security-related fixed, e.g. bind and utils.
HTH Frank
participants (1)
-
john scroggins