On Tue, 2003-09-02 at 22:08, Ed Wilts wrote: > On Tue, Sep 02, 2003 at 09:55:41PM -0400, Jason Dixon wrote: > > On Tue, 2003-09-02 at 21:44, NfoCipher wrote: > > > On Tue, 2003-09-02 at 20:18, Marc Adler wrote: > > > > Wrong. DNS uses 53/tcp for zone transfers, 53/udp for normal queries. > > Just because you filter against TCP doesn't mean a future remote exploit > > against the resolution libraries couldn't endanger your box. > > This is true for every service. If you don't need it, turn it off. > I vote with Jason on this one, although he could have said it a bit more > diplomatically :-).
Ed, you're absolutely right. I apologize for the tone of my previous post. I get all worked up when folks give crappy advice. ;-) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
