[56028] in North American Network Operators' Group


Re: [Re: [Re: [Re: M$SQL cleanup incentives]]]

daemon@ATHENA.MIT.EDU (Joshua Smith)
Fri Feb 21 15:41:09 2003

Date: Fri, 21 Feb 2003 15:40:31 -0500
From: Joshua Smith <joshua.ej.smith@usa.net>
To: Bryan Bradsby <Bryan.Bradsby@capnet.state.tx.us>,
	Joshua Smith <joshua.ej.smith@usa.net>
Cc: "Gary E. Miller" <gem@rellim.com>, <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu


Bryan Bradsby <Bryan.Bradsby@capnet.state.tx.us> wrote:
> > > udp/1434 is not a reserved port. [...] legit
> > > traffic that picked a random port to use for an ad-hoc use.
> >
> > it isn't legit for what i have in my network though :-)

i should clarify this - my data center has www/dns/ftp servers and a bunch
of voip gateways (mostly cisco), so they all talk on the same udp ports
(most of which are greater than 30000)

my corporate lan does have a ms sql server or two (running on nt4), but
there is no reason that those servers should be talking to anything
outside of my network (or outside of their vlan)

> Really? So you're blocking udp/1434 both in and out?

yep

> Got any DNS servers on your network? Any of your desktop clients use DNS?

options {
     query-source * port 53
};

> Recent versions of un*x BIND will pick a random port above 1024 for udp
> conversations. It can and has picked 1434.

destination port will be 53, i suppose it is possible that the client
could pick 1434 for a source.....

> DNS clients will eventually timeout and fall back to another server, so
> any problems would be transient, but the packets were legit, right?

on the off chance that someone's windows desktop picked 1434 for a source,
those packets however will not be leaving my network.

it may not be the best way to do all of it, but it keeps my network from
being killed (it also helps that the lan admin keeps all the servers
well patched)

> -bryan bradsby
> Texas State Government Net

joshua
(the grouchy ip/security/*nix guy sitting alone in the dark corner of the
office)


"Walk with me through the Universe,
 And along the way see how all of us are Connected.
 Feast the eyes of your Soul,
 On the Love that abounds.
 In all places at once, seemingly endless,
 Like your own existence."
     - Stephen Hawking -
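
The filter logic the two posters are arguing about, as an added illustration that is not part of the original exchange and not either poster's actual configuration: a stateless model of the "udp/1434 in and out" border ACL, a resolver query and reply using a random ephemeral port, and the query-source port 53 pin from the post. The packet samples, port choices and function names are constructed for the example.

```python
"""Stateless model of a udp/1434 (SQL Slammer) border block and its side
effect on DNS. Constructed example; not code from the original thread."""

from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, Iterable

SLAMMER_PORT = 1434   # udp/1434: MS SQL Server Resolution Service, the worm's target
DNS_PORT = 53


@dataclass(frozen=True)
class UDPPacket:
    """One UDP datagram as seen at the site border (constructed sample data)."""
    direction: str   # "out" = leaving the site, "in" = entering it
    sport: int
    dport: int


Policy = Callable[[UDPPacket], bool]   # returns True when the packet is dropped


def block_1434_both_ways(pkt: UDPPacket) -> bool:
    """The ACL described in the thread: drop udp/1434 both in and out.

    It is stateless and matches 1434 on either end of the datagram, so it
    cannot tell a Slammer probe from a DNS reply that happens to be
    addressed to ephemeral port 1434.
    """
    return SLAMMER_PORT in (pkt.sport, pkt.dport)


def block_1434_dst_only(pkt: UDPPacket) -> bool:
    """Narrower variant: only drop datagrams addressed *to* udp/1434."""
    return pkt.dport == SLAMMER_PORT


def dns_exchange(client_port: int, server_port: int = DNS_PORT) -> list[UDPPacket]:
    """A resolver query leaving the site and the reply coming back."""
    return [
        UDPPacket("out", client_port, server_port),
        UDPPacket("in", server_port, client_port),
    ]


def exchange_survives(packets: Iterable[UDPPacket], policy: Policy) -> bool:
    """True only if every datagram of the exchange passes the policy."""
    return not any(policy(p) for p in packets)


def slammer_probe_blocked(policy: Policy) -> bool:
    """Does the policy still stop an inbound probe to udp/1434 and an
    outbound spray from an infected host? Both are datagrams to port 1434."""
    probes = [UDPPacket("in", 40000, SLAMMER_PORT),
              UDPPacket("out", 40000, SLAMMER_PORT)]
    return all(policy(p) for p in probes)


def collateral_damage(policy: Policy, ephemeral=range(1024, 65536)) -> list[int]:
    """Ephemeral source ports whose DNS exchange the policy would break."""
    return [p for p in ephemeral if not exchange_survives(dns_exchange(p), policy)]


if __name__ == "__main__":
    for name, policy in [("both ways", block_1434_both_ways),
                         ("dst only", block_1434_dst_only)]:
        print(f"{name}: stops probe={slammer_probe_blocked(policy)}, "
              f"broken ephemeral ports={collateral_damage(policy)}")
    # The post's workaround: query-source pinned to port 53, so the site's
    # own resolver can never land on the blocked port.
    print("query-source port 53 survives:",
          exchange_survives(dns_exchange(DNS_PORT), block_1434_both_ways))
```

Run as a script, both policies report that exactly one ephemeral port (1434) loses its DNS exchange, which is Bryan's transient-timeout case; the narrower dst-only rule does not help, because the reply to the client is itself a datagram to port 1434. Pinning the query source to 53 sidesteps the collision, but a fixed source port is no longer acceptable practice: after the 2008 Kaminsky cache-poisoning work (CVE-2008-1447) resolvers randomize the source port by default, so the modern answer to this collision is a stateful filter that admits the reply to a query it saw leave, not a pinned port.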

