| Linode Forum https://forum.linode.com/ |
|
| IPTables / Avoiding UDP Vuln https://forum.linode.com/viewtopic.php?f=19&t=1107 |
Page 1 of 1 |
| Author: | vitrum [ Mon Aug 23, 2004 11:16 pm ] |
| Post subject: | IPTables / Avoiding UDP Vuln |
http://cgi.nessus.org/plugins/dump.php3?id=11580
Anyone have any suggestions for IPTables rules that can be used to avoid this type of firewall vulnerability? Also anyone know of a simple method of testing it? I can see methods of protecting yourself if you are not running an authoritative DNS server... however if you are... it seems a bit more tricky. |
|
| Author: | jeffml [ Tue Aug 24, 2004 1:37 am ] |
| Post subject: | Re: IPTables / Avoiding UDP Vuln |
vitrum wrote:
http://cgi.nessus.org/plugins/dump.php3?id=11580
Anyone have any suggestions for IPTables rules that can be used to avoid this type of firewall vulnerability? Also anyone know of a simple method of testing it? I can see methods of protecting yourself if you are not running an authoritative DNS server... however if you are... it seems a bit more tricky.

This seems to be a vulnerability in Kerio Personal Firewall as per the referenced BugTraq ID. As long as you don't open a hole for everything with udp src port 53 you should be fine. |
|
| Author: | vitrum [ Tue Aug 24, 2004 1:40 am ] |
| Post subject: | |
Well if you're running a DNS server you have to have UDP 53 open... And I don't know, is this a vuln that only affects Kerio? I read that too, but I also read a few places that lead me to believe this affects IPTables as well... |
|
| Author: | vitrum [ Tue Aug 24, 2004 1:50 am ] |
| Post subject: | |
I read a recommendation for the following rules... however I'm not sure how to successfully test it for certain...
Code:
/sbin/iptables -A INPUT -p udp --dport 53 -j ACCEPT
|
|
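The distinction drawn in the posts above is between accepting UDP addressed to port 53 (needed by a DNS server) and accepting any UDP that merely claims source port 53. As an added example, not code from the thread, this checks an `iptables-save` dump for the second kind of rule; the sample ruleset is constructed, the function names are hypothetical, and port specs are assumed to be numeric as `iptables-save` prints them.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the thread).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p udp -m multiport --sports 53,123 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 53 -j ACCEPT
COMMIT
"""

SPORT_OPTS = ("--sport", "--source-port", "--sports", "--source-ports")

def port_spec_covers(spec, port):
    """True if a numeric port spec ('53', '0:1023', '53,123') includes port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        lo_n = int(lo) if lo else 0
        hi_n = int(hi) if hi else (65535 if sep else lo_n)
        if lo_n <= port <= hi_n:
            return True
    return False

def stateless_sport_accepts(ruleset, port=53):
    """Return INPUT rules that ACCEPT UDP purely because of its source port."""
    findings = []
    for line in ruleset.splitlines():
        if not line.startswith("-A INPUT "):
            continue
        tok = shlex.split(line)
        # Map each non-negated option to the token that follows it.
        opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1])
                if t.startswith("-") and not (i and tok[i - 1] == "!")}
        sport = next((opts[k] for k in SPORT_OPTS if k in opts), None)
        states = (opts.get("--state") or opts.get("--ctstate") or "").split(",")
        # A state match only helps if it excludes unsolicited (NEW) packets.
        tracked = states != [""] and "NEW" not in states
        if (opts.get("-p") in ("udp", "17") and opts.get("-j") == "ACCEPT"
                and sport and port_spec_covers(sport, port) and not tracked):
            findings.append(line)
    return findings

if __name__ == "__main__":
    for rule in stateless_sport_accepts(SAMPLE_RULES):
        print("source-port-only ACCEPT:", rule)
```

The check judges each rule on its own; it does not model rule order or jumps to user-defined chains.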
| Author: | jricher [ Thu Dec 16, 2004 8:29 pm ] |
| Post subject: | Testing |
You can test for this from any other box using a tool like nmap. You can get this at insecure.org.
Jacques |
|
| All times are UTC-04:00 |
|