> What I figured out is that the server uses an unpriviliged random udp
> port when originating queries to other name servers and that named binds
> that udp port a priori and listens on that port waiting for replies to
> questions it will make. I hope I got it right, could someone please
> confirm
ok, I get it now. In the configuration file there is the commented out
line
// query-source address * port 53;
which activates the default
query-source address * port *;
I couldn't understand the relation between the above configuration
option (which specifies an address and port to use when
> What I figured out is that the server uses an unpriviliged random udp
> port when originating queries to other name servers and that named binds
> that udp port a priori and listens on that port waiting for replies to
> questions it will make. I hope I got it right, could someone please
> confirm
ok, I get it now. In the configuration file there is the commented out
line
// query-source address * port 53;
which activates the default
query-source address * port *;
I couldn't understand the relation between the above configuration
option (which specifies an address and port to use when
> I killed and restarted named.
> the udp port that named seems to be listening on has now changed to 1026
Both ports are also just above the 1024 barrier for which root is required.
Have you increased debug level to see if maybe it reports why/what it's
doing?
Add -d 5 to the OPTS="" line in /etc
> I killed and restarted named.
> the udp port that named seems to be listening on has now changed to 1026
Both ports are also just above the 1024 barrier for which root is required.
Have you increased debug level to see if maybe it reports why/what it's
doing?
Add -d 5 to the OPTS="" line in /etc
If you look in /etc/bind/named.conf you'll see a line
near the top
query-source address * port ;
which is probably set to 1025. That's the new
package default I believe.
--
--
Nuke bin Laden: Dale Amon, CEO/MD
improve
If you look in /etc/bind/named.conf you'll see a line
near the top
query-source address * port ;
which is probably set to 1025. That's the new
package default I believe.
--
--
Nuke bin Laden: Dale Amon, CEO/MD
improve
On Fri, 22 Nov 2002 at 02:56:24PM +0200, Costas Magos wrote:
> Some more info:
>
> I killed and restarted named.
> the udp port that named seems to be listening on has now changed to 1026
Just a stretch...but I seem to recall bind uses a high port to receive
query answers on so it does not need r0
rg
> Subject: RE: unknown udp port
>
>
> Georgatos Evaggelos wrote:
> >Well which bind version are you running??
>
> The bind version I am using is the default woody version,
> that is 9.2.1.
>
> > Could it be an rndc or ndc listener??
>
> rnd
n 53 udp/tcp.
Ay ideas?
> -Original Message-
> From: Georgatos Vaggelis [mailto:[EMAIL PROTECTED]
> Sent: Thursday, November 21, 2002 8:40 PM
> To: debian-security@lists.debian.org
> Subject: Re: unknown udp port
>
>
>
> Good evening
>
>
> --
>
>
> N
On Fri, 22 Nov 2002 at 02:56:24PM +0200, Costas Magos wrote:
> Some more info:
>
> I killed and restarted named.
> the udp port that named seems to be listening on has now changed to 1026
Just a stretch...but I seem to recall bind uses a high port to receive
query answers on so it does not need r0
ere isn't any extra
> configuration about ports (source or listen-on). Bind should be only
> listening on 53 udp/tcp.
>
> Ay ideas?
>
> > -Original Message-
> > From: Georgatos Vaggelis [mailto:[EMAIL PROTECTED]]
> > Sent:
n 53 udp/tcp.
Ay ideas?
> -Original Message-
> From: Georgatos Vaggelis [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 21, 2002 8:40 PM
> To: [EMAIL PROTECTED]
> Subject: Re: unknown udp port
>
>
>
> Good evening
>
>
> --
>
>
> Network
Good evening
Well which bind version are you running??
Could it be an rndc or ndc listener??
Have you made any special configuration in order to set the queries
source port ??
for example:
query-source address * port 1;
--
Georgatos Evaggelos
Network Operations Center
Department of Informa
On Thu, 21 Nov 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
try:
netstat -ap | less
(as root).
This will tell you which process is bound to that port.
Hope this helps.
--
Phil
PGP/GPG
[named]
12835 pts/1S 0:00 grep 151
~kmag
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Thursday, November 21, 2002 7:54 PM
> To: Costas Magos
> Cc: debian-security@lists.debian.org
> Subject: Re: unknown udp port
>
>
>
Hello Costa,
To know how port is used by some program do this:
# netstat -ln
Get port number
# fuser -n tcp port number
This command gave to you the proces number that runs in this port.
Now:
# ps auxw | grep process number
Done!
Sample:
# netstat -ln
tcp0 0 0.0.0.0:1024
On Thu, Nov 21, 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
>
>
> ns1:/etc# netstat -l
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign A
On Thu, Nov 21, 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
>
>
try
netstat -lp
as root, to show the pid doing this.
--
Easter-eggsSpécialiste GNU/Li
On Thursday 21 November 2002 17:26, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
rpc.statd uses this port.
Good evening
Well which bind version are you running??
Could it be an rndc or ndc listener??
Have you made any special configuration in order to set the queries
source port ??
for example:
query-source address * port 1;
--
Georgatos Evaggelos
Network Operations Center
Department of Informa
On Thu, 21 Nov 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
try:
netstat -ap | less
(as root).
This will tell you which process is bound to that port.
Hope this helps.
--
Phil
PGP/GPG
[named]
12835 pts/1S 0:00 grep 151
~kmag
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 21, 2002 7:54 PM
> To: Costas Magos
> Cc: [EMAIL PROTECTED]
> Subject: Re: unknown udp port
>
>
> On Thu, Nov 2
Hello Costa,
To know how port is used by some program do this:
# netstat -ln
Get port number
# fuser -n tcp port number
This command gave to you the proces number that runs in this port.
Now:
# ps auxw | grep process number
Done!
Sample:
# netstat -ln
tcp0 0 0.0.0.0:1024
On Thu, Nov 21, 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
>
>
> ns1:/etc# netstat -l
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign A
On Thu, Nov 21, 2002 at 07:26:13PM +0200, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
>
>
try
netstat -lp
as root, to show the pid doing this.
--
Easter-eggsSpécialiste GNU/Li
On Thursday 21 November 2002 17:26, Costas Magos wrote:
> Hi all,
>
> Anyone knows what 1025 udp stands for? This is a newly installed woody
> on a sparc classic.
rpc.statd uses this port.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PRO
28 matches
Mail list logo
