DNS Server dies after port 1434 attack
- From: "Robert Zeff" <rzeff@xxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 10 Dec 2003 06:22:24 -0800
I have another odd problem with ISA. I have a name server (IIS) on an
internal box that answers to 192.168.254.30 & 31
I am publishing this server on ISA for external ip addresses xx.xx.xx.226 &
.227.
Every day or two, sometimes two weeks, one of the publishing rules fails.
There are no errors, it just quits forwarding the request. It seems like it
always happens after an attack on port 1434. From our logs:
12/10/2003, 1:28:59, 66.77.132.210, xx.xx.xx.253, Udp, 1034, 1434, -,
BLOCKED, xx.xx.xx.xx, -, -
12/10/2003, 1:30:30, 211.154.52.146, xx.xx.xx.228, Udp, 4529, 53, -,
BLOCKED, xx.xx.xx.xx, -, -
Any ideas?
Thanks,
-
Robert
Other related posts:
