The revised DNS.EXE that was released in response to MS08-037
- From: "W" <persistentone@xxxxxxxxxxxxxx>
- Date: Wed, 13 May 2009 19:33:49 -0700
Apparently the Windows 2003 server now has the behavior that it
pre-allocates at startup 2500 UDP ports. Can someone explain to me what
these ports are being used for?

Our domain controllers are protected by firewalls, and we have glued all of
the domain controller services (after a lot of painful research and
experiment) to fixed TCP and UDP ports. I'm really concerned if the DNS
server is allocating 2500 random UDP server ports and expecting clients to
come in on those random ports, because I'm fairly certain everything except
TCP and UDP 53 will be blocked for incoming connections.

I would like to understand what it is these ports are being used for, and
how I should go about estimating the number of such ports that need to be
made available to applications on the network.

Is there any way I can force the DNS server to use a specific range of ports
and reduce the number from 2500?
--
W