large organization nameservers sending icmp packets to dns servers.

• Previous message (by thread): large organization nameservers sending icmp packets to dns servers.
• Next message (by thread): large organization nameservers sending icmp packets to dns servers.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Aug 8, 2007, at 8:59 AM, Jamie Bowden wrote:
> How is answering a query on TCP/53 any MORE dangerous than  
> answering it
> on UDP/53?  Really.  I'd like to know how one of these security  
> nitwits
> justifies it.  It's the SAME piece of software answering the query
> either way.

How many bytes of shell code can you stuff in a 512 byte DNS UDP packet?

How many bytes of shell code can you stuff in a TCP DNS connection?

Rgds,
-drc

P.S. I still think blocking TCP/53 is stupid.

• Previous message (by thread): large organization nameservers sending icmp packets to dns servers.
• Next message (by thread): large organization nameservers sending icmp packets to dns servers.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]