[afnog] IIS & DNS
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue Mar 7 17:00:27 EAT 2006
On Tue, Mar 07, 2006 at 01:06:36PM +0200, Mark Tinka <mtinka at africaonline.co.zw> wrote a message of 62 lines which said:
> The customer says IIS makes DNS queries on TCP port 53;
This is easy to check with tcpdump:
    tcpdump -n host x.y.z.t and tcp and port 53
> our internal security policy suggests that, by default,
> we reserve TCP port 53 on our name servers for internal
> zone transfers.
Very bad policy, indeed (RFC 1035, "4.2. Transport").
> I have no clue on how IIS makes DNS queries.
tcpdump (or ethereal) is a gift from God for the network administrator
forced to deal with Microsoft products.
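
Added example (not part of the original message): RFC 1035 section 4.2.2 frames each DNS message on TCP with a two-byte length prefix, so a payload captured on TCP port 53 can be split and the question type read to tell ordinary queries from zone transfers (AXFR is QTYPE 252; IXFR, 251, comes from RFC 1995). The query bytes are constructed samples and every function name here is illustrative.

```python
import struct

ZONE_TRANSFER_QTYPES = {252: "AXFR", 251: "IXFR"}  # RFC 1035, RFC 1995

def build_tcp_query(name, qtype, txid=0x1234):
    """Constructed sample: one DNS query as sent on TCP (length prefix + message)."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!2H", qtype, 1)  # QTYPE, QCLASS=IN
    return struct.pack("!H", len(msg)) + msg

def split_tcp_stream(stream):
    """Split a reassembled TCP payload into DNS messages using the 2-byte prefix."""
    pos, messages = 0, []
    while pos < len(stream):
        if pos + 2 > len(stream):
            raise ValueError("dangling byte where a length prefix was expected")
        (length,) = struct.unpack_from("!H", stream, pos)
        if pos + 2 + length > len(stream):
            raise ValueError("stream ends inside a DNS message")
        messages.append(stream[pos + 2 : pos + 2 + length])
        pos += 2 + length
    return messages

def parse_question(msg):
    """Return (qname, qtype) for the first question of a DNS message."""
    if len(msg) < 12 or struct.unpack_from("!H", msg, 4)[0] < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            raise ValueError("question name runs past end of message")
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n > 63:
            raise ValueError("pointer or bad label length in question name")
        labels.append(msg[pos : pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("missing QTYPE/QCLASS")
    return ".".join(labels) + ".", struct.unpack_from("!H", msg, pos)[0]

def classify(stream):
    """Label each query in the stream as a zone transfer or an ordinary query."""
    questions = map(parse_question, split_tcp_stream(stream))
    return [(n, t, ZONE_TRANSFER_QTYPES.get(t, "ordinary query")) for n, t in questions]
```

The distinction a name-server access policy needs is the one `classify` returns: restrict AXFR/IXFR by source, rather than treating all of TCP port 53 as zone-transfer traffic.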