Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: Strange ports

from [Thor (Hammer of God)] Network Security [Permanent Link]
Subject: Re: Re: Strange ports
Date: Sat, 23 Jun 2007 10:23:09 -0700
----- Original Message ----- From: "Bojan Zdrnja" <bojan.zdrnja@gmail.com>
To: "Thor (Hammer of God)" <thor@hammerofgod.com>
Cc: <pen-test@securityfocus.com>
Sent: Saturday, June 23, 2007 12:19 AM
Subject: Re: Re: Strange ports


On 6/23/07, Thor (Hammer of God) <thor@hammerofgod.com> wrote:
If you use Exchange (well, specifically, if Exchange is doing the DNS
lookup) then you do need TCP 53 as Exchange SMTP (or IIS SMTP) uses TCP by
default for DNS queries. This is actually a good thing, as it is easier to

TCP by default?

Yes, TCP by default for SMTP DNS queries. See http://support.microsoft.com/kb/263237 (that's a ex2k kb, but it still applies)

So you are saying that Exchange doesn't use system's
resolver but instead has an internal one?
This is pretty interesting, can you point to Microsoft's documentation
about this?

Indeed - Exchange uses a separate DNS configuration for host resolution of SMTP destinations (when configured). When you consider the heavy requirement for Exchange to be integrated with Active Directory, you identify the fact that the "local" IP stack has to point to internal AD DNS to function properly. Therefore, Exchange allows you to set DNS settings specifically for the SMTP virtual server's use if it can't resolve hosts via your internal DNS design-- like when you have root zones in your AD or you've isolated internal DNS without forwarders.

You go the the properties of an SMTP virtual server, go to the Delivery tab, click Advanced, and then click Configure to configure external DNS servers separate from the local stack. If this option is not configured, then standard DNS settings of the adapter stack are used, but resolution is still TCP by default.

HTH

t

-------------
Veni, vidi, veni denuo.

Check out Thor's "Microsoft Ninjitsu: Blackbelt Edition" training at Blackhat Vegas!
http://www.blackhat.com/html/bh-usa-07/train-bh-us-07-tm-ms-bbe.html


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: listening to people/offices when on-hold on the phone, crazy frog crazy frog
Next by Date:  Re: listening to people/offices when on-hold on the phone, Thor (Hammer of God)
Previous by Thread:  Re: Re: Strange ports, Bojan Zdrnja
Next by Thread:  Pen testing / Vuln Assessment from Cable Modem - question on service provider selection, Tommy May
Indexes:  [Date] [Thread] [Top] [All Lists]