On Tue, Apr 04, 2000 at 07:04:10PM -0400, john scroggins wrote:
[Long description]
Bottom line is how can some one access my firewall/masq machine when
Thanks for the response Frank,
I might want to clarify, I do not run DNS as a service.
I do not have bind installed. I was speaking of allowing my ISP's nameserver
access to my internal network. All my machines use the ISP's NS for IP addy
resolution.
I had snort reportting .. "Source Port Attack --- From
ns1.<ISPname>.net to 192.168.1.4 (one of my internal network boxes)
My question is, can someone spoof my ISP's namserver addy to gain access to
my network? If so, how can I filter the packet or verify the contents and
deny access.
John @ DataEFX
-----Original Message-----
From: Frank Derichsweiler
are no open ports, the only traffic allow back into the network is the masq'd packets and DNS?
Hi John,
Maybe this is a stupid question, but .... Have you installed the security patches for 6.3? AFAIK there were some security-related fixed, e.g. bind and utils.
HTH Frank