[vox-tech] firewall question

Henry House vox-tech@lists.lugod.org
Thu, 3 Jan 2002 17:16:24 -0800


On Thu, Jan 03, 2002 at 04:17:02PM -0800, Shwaine wrote:
> There is no need for UDP 22 and 80 to do normal web browsing and
> SSH sessions. The only UDP packets I allow on the input side of the
> firewall are UDP port 53 from only my ISP's DNS servers, since these
> are the replies to my DNS queries. I've read in a few documents that
> DNS may also sometimes use TCP port 53. I haven't seen that happen
> in any of my logs however. Anyways, you should be fine blocking those
> two UDP ports. My web browsing and SSH use go just fine with them
> blocked.

Generally DNS only uses 53/tcp when running a zone transfer.

-- 
Henry House
The attached file is a digital signature. See <http://romana.hajhouse.org/pgp>
for information.  My OpenPGP key: <http://romana.hajhouse.org/hajhouse.asc>.
