Re: Zone Transfer with Secondary DNS error

From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 10/05/04

• Next message: Phil Teale: "DNS SRV Records Question"
• Previous message: Ace Fekay [MVP]: "Re: problem with AD dns auto registration and subdomain"
• In reply to: Roland Hall: "Re: Zone Transfer with Secondary DNS error"
• Next in thread: Jonathan de Boyne Pollard: "Re: Zone Transfer with Secondary DNS error"
• Reply: Jonathan de Boyne Pollard: "Re: Zone Transfer with Secondary DNS error"
• Messages sorted by: [ date ] [ thread ]

---

Date: Tue, 5 Oct 2004 01:06:38 -0400

In news:eAUgArdqEHA.3748@TK2MSFTNGP09.phx.gbl,
Roland Hall <nobody@nowhere> made a post then I commented below
> According to this document:
> http://homepages.tesco.net/~J.deBoynePollard/FGA/dns-shaped-firewall-holes.html
>
> You need to open up 1024-65535 for DNS. It appears the response port
> will be a high numbered random port.
> Read this section: With Microsoft's DNS Server for Windows and ISC's
> BIND versions 4, 8, and 9, you need to knock this shape of hole into
> your firewall:
>
> --
> Roland Hall

We're using Jonathan's terminology?
:-)

btw- I agree with the upper UDP ports. That's pretty much the way Windows
works with these empherical ports.

-- 
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
-- 
=================================

---

• Next message: Phil Teale: "DNS SRV Records Question"
• Previous message: Ace Fekay [MVP]: "Re: problem with AD dns auto registration and subdomain"
• In reply to: Roland Hall: "Re: Zone Transfer with Secondary DNS error"
• Next in thread: Jonathan de Boyne Pollard: "Re: Zone Transfer with Secondary DNS error"
• Reply: Jonathan de Boyne Pollard: "Re: Zone Transfer with Secondary DNS error"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Cant access web on local network server ... Yes my Windows 2003 R2 Standard Server is a DC domain controller. ... How do I open DNS for the outside? ... What port should I give access to? ... (microsoft.public.windows.server.general) Re: Strange - all my programs want internet access. ... >results in Windows Explorer attemping to open a port for DNS. ... >destination IP is my ISP's DNS proxy server, ... >played around with the Services, Windows Components, Registry and Network ... (microsoft.public.windowsxp.network_web) Re: How to keep kids off of computer ... "Roland Hall" wrote in message ... :>: Knoppix that completely bypasses you installed Windows OS. ... How-to: Windows 2000 DNS: ... (microsoft.public.security) Re: Suse 10 DNS, firewall, or masquerading problem? ... >> Squid's internal interface while running Outlook Send/receive on Linux ... Windows PC sends DNS query mail.iol.ie Squid replies ICMP ... > listening on the port. ... No DNS server running on the port means no IP ... (comp.os.linux.networking) Re: Simple packet filter ... DNS is handled also by the firewall, i basicly just need to lock out ... These don't have a fixed local port, ... > Doesn't Windows have a built-in packet filter? ... (comp.security.misc)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)