> -----Original Message----- > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, December 10, 2003 11:31 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: DNS Server dies after port 1434 attack > > http://www.ISAserver.org > > IIS and DNS are 2 different services. Please specify which > one you talking about. Oops, sorry. DNS running on a Windows 2003 server. > > Why do you have 1 server answering to 2 IPs? Because I needed ns1.<mydomain> & ns1.<mydowmain>. I didn't need the redundancy of two servers, but domain registration requires two. (Maybe not). - Robert > > John Tolmachoff > Engineer/Consultant/Owner > eServices For You > > > -----Original Message----- > > From: Robert Zeff [mailto:rzeff@xxxxxxxxxx] > > Sent: Wednesday, December 10, 2003 6:22 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] DNS Server dies after port 1434 attack > > > > http://www.ISAserver.org > > > > > > I have another odd problem with ISA. I have a name server > (IIS) on an > > internal box that answers to 192.168.254.30 & 31 > > > > I am publishing this server on ISA for external ip addresses > > xx.xx.xx.226 & .227. > > > > Every day or two, sometimes two weeks, one of the > publishing rules fails. > > There are no errors, it just quits forwarding the request. > It seems > > like it always happens after an attack on port 1434. From our logs: > > > > 12/10/2003, 1:28:59, 66.77.132.210, xx.xx.xx.253, Udp, > 1034, 1434, -, > > BLOCKED, xx.xx.xx.xx, -, - 12/10/2003, 1:30:30, 211.154.52.146, > > xx.xx.xx.228, Udp, 4529, 53, -, BLOCKED, xx.xx.xx.xx, -, - > > > > Any ideas? > > > > Thanks, > > - > > Robert > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: > http://www.msexchange.org Windows > > Security Resource Site: http://www.windowsecurity.com/ Network > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > johnlist@xxxxxxxxxxxxxxxxxxx > > To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: > http://www.windowsecurity.com/ Network Security Library: > http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: rzeff@xxxxxxxxxx To unsubscribe send a blank email > to $subst('Email.Unsub') >