Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: I'll argue the wording on 18356...

from [Karl Tatgenhorst] Network Security [Permanent Link]
Subject: Re: I'll argue the wording on 18356...
Date: Wed, 23 Aug 2006 08:31:28 -0500 

   The wording is correct. Disabling TCP breaks it per RFC, the server
might always respond with UDP but how does a UDP packet arrive as an
answer to a TCP request? I would not think to tell you how to set up
your DNS servers, but network diagnostic messages should be written to
comply with the RFCs.

Karl

On Wed, 2006-08-23 at 11:04 +1200, Jason Haar wrote:

This DNS checks says:

"A DNS server is running on this port but
it only answers to UDP requests.
This means that TCP requests are blocked by a firewall.

This configuration is incorrect: TCP might be used by any
request, it is not restricted to zone transfers.
Read RFC1035 or STD0013 for more information."


We run tinydns and ensure our DNS records are always small enough to fit
within a single UDP packet - so we deliberately disabled DNS TCP.

I think this wording should be changed to " This configuration might be
incorrect, depending on the type of DNS data the server returns..."



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Nessus on Debian Sarge - Newbie Question, Jesper S. Jensen
Next by Date:  Re: bind() failed :Address already in use..., ruud van lee
Previous by Thread:  I'll argue the wording on 18356..., Jason Haar
Next by Thread:  Re: I'll argue the wording on 18356..., Michel Arboi
Indexes:  [Date] [Thread] [Top] [All Lists]