Date:      Mon, 12 Jun 2000 18:42:37 -0700 (PDT)
From:      Hugh Ho <hho321@yahoo.com>
To:        freebsd-security@freebsd.org
Subject:   IPFW rules for DNS?
Message-ID:  <20000613014237.10942.qmail@web210.mail.yahoo.com>

I need to do nslookup quite often, and I have the following IPFW rules which
allow nslookup to talk to my ISP's DNS server:

  allow udp from ${my_ip} to ${dns_server} 53
  allow udp from ${dns_server} 53 to ${my_ip}

The problem with the above rules is that people can pass IPFW if they use UDP port
53 with a spoofed IP that matches my ISP's DNS server. Is there a way to fix my
problem?

Thanks.

-Hugh
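
An added example, not part of the original message: a small Python model contrasting the two stateless rules quoted above with a filter that admits a reply only when it mirrors an outbound query it has recorded, which is the behaviour ipfw's dynamic rules (`keep-state` / `check-state`) provide. The addresses, ports and function names are constructed for illustration, and state expiry is not modelled.

```python
# Added example: toy model of stateless vs. stateful filtering for DNS over UDP.
# All addresses and ports are constructed sample values.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

MY_IP = "192.0.2.10"          # stands in for ${my_ip}
DNS_SERVER = "198.51.100.53"  # stands in for ${dns_server}


def stateless_allow(pkt):
    """The two rules from the message: match on addresses and port 53 only."""
    outbound = pkt.src == MY_IP and pkt.dst == DNS_SERVER and pkt.dport == 53
    inbound = pkt.src == DNS_SERVER and pkt.sport == 53 and pkt.dst == MY_IP
    return outbound or inbound


class StatefulFilter:
    """Allow outbound queries and only the replies that mirror one of them."""

    def __init__(self):
        self.flows = set()  # reversed 4-tuples of queries already sent

    def allow(self, pkt):
        if pkt.src == MY_IP and pkt.dst == DNS_SERVER and pkt.dport == 53:
            # Outbound query: record the exact 4-tuple its reply must carry.
            self.flows.add(Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport))
            return True
        # Inbound: accept only if it matches a recorded flow.
        return pkt in self.flows


def evaluate():
    query = Packet(MY_IP, 40001, DNS_SERVER, 53)
    reply = Packet(DNS_SERVER, 53, MY_IP, 40001)
    # Claims to come from the DNS server, but no query was sent from port 5000.
    forged = Packet(DNS_SERVER, 53, MY_IP, 5000)
    fw = StatefulFilter()
    return {
        "stateless": [stateless_allow(p) for p in (query, reply, forged)],
        "stateful": [fw.allow(p) for p in (query, reply, forged)],
    }


if __name__ == "__main__":
    for name, verdicts in evaluate().items():
        print(name, dict(zip(("query", "reply", "forged"), verdicts)))
```

Keeping state narrows what is accepted to packets matching an outstanding query's addresses and ports; it does not authenticate the sender.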
