TCP/UDP Port 53
DNS Service is typically used to convert between URL's and IP Addresses.
If you are running a DNS server and have forwarded port 53 on your firewall
then you need to setup a port forward within Link Logger such that future
inbound traffic on this port will be logged as normal and not as an alert.
There are a some attacks that target vulnerabilities within DNS servers.
DNS Servers can
be trusted such that future traffic to authorized servers will not
appear as an alert.
CERT Advisory CA-2002-31 Multiple Vulnerabilities in BIND
ISC BIND 8
vulnerable to cache poisoning via negative responses
Page last updated on
February 09, 2004