RE: DNS Zone Transfers not working

  • From: Bosio Paolo <Paolo.Bosio@xxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 31 Aug 2001 14:40:47 +0200

No, no, you must apply the following:


Create packet filter:

DNS query:

Filter type predefined: Custom
IP protocol: UDP
Direction: Received send
Local port: Fixed port
Port number: 53
Remote port: All ports
Default IP address
Remote computer: All

DNS zone transfer:

Filter type predefined: Custom
IP protocol: TCP
Direction: Both
Local port: Fixed port
Port number: 53
Remote port: All ports
Default IP address
Remote computer: All

The DNS filters are there by default.


My situation has DNS and ISA on the same computer.

Then you must configure DNS correctly
and specify the IP address of the secondary DNS with your IP address in DNS.





-----Original Message-----
From: patricks@xxxxxxxxxxxxxxxxxx [mailto:patricks@xxxxxxxxxxxxxxxxxx]
Sent: Friday, 31 August 2001 13:37
To: [ISAserver.org Discussion List]
Subject: [isalist] DNS Zone Transfers not working



Hi all,

Just a quick question re DNS zone transfers and the DNS application
filter.

I have the DNS zone transfer from privileged/high ports options set in
the intrusion detection filter.
If I do an nslookup (ls -d domainname.co.uk) from an IP external to the
firewall, the zone is transferred fine. Naturally an alert is generated.

However, if I deselect these check boxes, restart ISA and try this
again, the nslookup process hangs on the ls -d domainname.co.uk command.


Could someone confirm this behaviour happens with their firewall? If so,
why?

Patrick


