Before I had bind-9.5.0-P2 and now I have upgraded to bind-9.5.1. I read that bind-9.5.1 has additional support for query port randomization, including performance improvement and port range specification. But is this OK?

netstat

udp 0 0 ls1.tel.net.ba:29825 203.64.139.9:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:24836 static.213-133-1:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:21124 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:60933 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:50446 ns1.dynadot.com:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:61075 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:21915 firewall.camping:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:18076 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:31142 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:6311 208.66.192.102:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:3369 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:36017 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:40502 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:17719 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:37307 189.40.238.6:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:46274 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:11719 ns2.suspended-fo:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:51400 ns2.suspended-fo:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:34386 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:32600 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:20732 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:61023 bod40.i0waterfor:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:60767 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:9450 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:28270 43.72.84ae.stati:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:43630 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:39417 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:24569 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:24569 crackerjack.net:domain ESTABLISHED
Active UNIX domain sockets (w/o servers)

netstat after 5 min.

udp 0 0 ls1.tel.net.ba:16525 202.153.32.6:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:8975 a.gtld-servers.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:50959 60.217.239.181:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:61714 208.72.175.3:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:37656 66.232.104.156:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:39455 79.135.181.219:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:60193 64.38.223.8:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:21540 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:19494 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:25266 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:50355 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:20923 a.gtld-servers.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:58044 ns.kuins.kyoto-u:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:16575 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:45376 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:34372 ns1.tahoe.everyd:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:65489 170.185.16.2:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:7506 12.154.116.35:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:56658 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:45396 ns2.suspended-fo:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:50905 a.gtld-servers.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:3673 bod41.i0waterfor:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:31833 64.38.223.8:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:11872 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:65519 alius.crackerjac:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:18549 ns1.crsnic.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:28023 114-32-136-127.H:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:12921 79.135.181.219:domain ESTABLISHED

As you can see, the ports are changing, but there is always crackerjack.net every time on different ports? Can I simply put this user in iptables?

In the previous version, bind-9.5.0-P2, there were no ESTABLISHED sockets at all from foreign users. Otherwise, my network and configuration are the same as before the upgrade. Only since I upgraded to bind 9.5.1 are there now many UDP sockets. Is this characteristic behaviour for bind 9.5.1? I'm going to www.isc.org <http://www.isc.org> but I can't find these answers. Please, can you answer my question?

Thanks in advance!
Elysabeth
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
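To quantify what the two netstat snapshots in the post show, here is an added example (not part of the original message, and not ISC code): a small Python script that counts connected UDP sockets toward the `domain` port, measures how widely the local source ports are spread, and lists which remote servers account for most of them. The function name `summarize` is hypothetical, and the embedded sample rows are copied from the netstat output above.

```python
import re
from collections import Counter

# Sample input: a few rows copied from the two netstat snapshots in the post.
SAMPLE = """\
udp 0 0 ls1.tel.net.ba:29825 203.64.139.9:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:60933 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:18076 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:24569 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:24569 crackerjack.net:domain ESTABLISHED
udp 0 0 ls1.tel.net.ba:8975 a.gtld-servers.net:domain ESTABLISHED
Active UNIX domain sockets (w/o servers)
"""

# proto, recv-q, send-q, local host:port, remote host:service, state
ROW = re.compile(
    r"^udp\s+\d+\s+\d+\s+(?P<local>\S+):(?P<lport>\d+)\s+"
    r"(?P<remote>\S+):(?P<rport>\S+)\s+ESTABLISHED\s*$"
)

def summarize(text, service=("domain", "53")):
    """Summarise connected UDP sockets to DNS servers in netstat output."""
    ports, remotes = [], Counter()
    for line in text.splitlines():
        m = ROW.match(line.strip())
        # Skip headers, other protocols and sockets not aimed at port 53.
        if not m or m.group("rport") not in service:
            continue
        ports.append(int(m.group("lport")))
        remotes[m.group("remote")] += 1
    # A local port listed more than once in a single snapshot.
    reused = sorted(p for p, n in Counter(ports).items() if n > 1)
    return {
        "sockets": len(ports),
        "distinct_ports": len(set(ports)),
        "port_range": (min(ports), max(ports)) if ports else None,
        "below_1024": sum(p < 1024 for p in ports),
        "reused_ports": reused,
        "top_remotes": remotes.most_common(3),
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```

Feeding it the output of successive netstat runs shows whether the local ports keep changing across a wide range and whether one remote name keeps dominating the list.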