RE: DNS server
- From: "Administrator" <Administrator@xxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 25 Oct 2004 19:50:16 +0200
Hi Steve
I understand that they should be in the DMZ...but for the next few
months and a tight budget this cannot be done.
I know this question is stupid but I will ask anyway.....What risk is
there in having the DNS NOT in the DMZ....am I at risk via port 53??
William
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: 25 October 2004 14:30
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server
http://www.ISAserver.org
they should really be in a dmz
S
________________________________
From: Administrator [mailto:Administrator@xxxxxxxxxxxxx]
Sent: Monday, October 25, 2004 2:44 AM
To: ISA Mailing List
Subject: [isalist] RE: DNS server
http://www.ISAserver.org
Hi
Gr8...so
If I got this correctly
TCP In local port 53 ...remote any
TCP Out local any....remote 53
UDP Receive send local 53 remote any
UDP Send Receive local any remote 53.............is this correct?
William
PS thanks for the help but I am fairly new to public dns servers behind
a firewall
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: 24 October 2004 23:44
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server
http://www.ISAserver.org
you'll need incoming / outgoing dns query packet filters, on each ISA
Server as well as publishing them.
S
Other related posts:
