Question

  • #2163004

    How to close DNS UDP ports?

    by edelac379 ·

    After reviewing a vulnerability scan on our network it seems that DNS is using some ports which are considered “dangerous”. I found out that dns.exe is using tons of ports and that some of these “bad” ports are in use.

    Is there a way to close these specific ports?

All Answers

    • #2967519

      Clarifications

      by edelac379 ·

      In reply to How to close DNS UDP ports?


    • #2967393

      DNS Ports

      by nimmo ·

      In reply to How to close DNS UDP ports?

      I don’t want to sound patronizing or rude, but do you know what DNS actually does? It is pretty much one of the most important protocols on the internet these days; if you didn’t use/have DNS you would spend your days typing in IP addresses to visit web sites.

      DNS uses port 53 UDP, but TCP port 53 does get used sometimes (some programs also use TCP 53 for all DNS queries). If you close these ports you’re going to get a lot of problems.

      What ports were showing up on the results? You may want to take a look through this list of ports and confirm what protocol they really are if they are not on 53. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

      If you really do want to test and see what happens when you block these ports just block it at the firewall.

    • #2967382

      DNS only uses tcp/53 and udp/53

      by synner ·

      In reply to How to close DNS UDP ports?

      RFC 1035 does not specify any port other than tcp/53 and udp/53. DNS services use UDP/53 most of the time. If a request takes more than one packet to complete, DNS will switch to TCP. If you are seeing a DNS.exe process in your systems and it’s using other ports, you may have a compromised system.
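Both replies above come down to the same check: look at which ports dns.exe actually holds and decide whether each one is the service port (53), an ordinary source port for an outbound query, or something that fits neither. One well-documented reason a Windows DNS server holds a large number of UDP ports is the pool of randomized source ports that Microsoft's 2008 DNS spoofing update (MS08-037) pre-allocates for outbound queries; those sit in the operating system's dynamic port range and are not listening services. The script below is an added example, not code from either reply or from Microsoft: it parses `netstat -ano` output (a constructed sample is embedded, with PID 1234 standing in for dns.exe) and sorts the endpoints owned by a given PID into those three buckets. The dynamic range it assumes (49152-65535) is the Vista/Server 2008 default; confirm the real range on the host with `netsh interface ipv4 show dynamicport udp`, since older Windows versions used a low range starting at 1024.

```python
"""Triage the sockets a DNS server process holds, from `netstat -ano` output.

Added example (not from the thread). Each endpoint owned by the given PID is
classified as:
  - "service"   : the DNS service port itself (tcp/53, udp/53)
  - "ephemeral" : a port inside the OS dynamic range, i.e. the source port of
                  an outbound query (or a pre-allocated source-port pool)
  - "unexpected": anything else, worth a closer look
"""

DNS_PORT = 53

# Assumption: Windows Vista / Server 2008+ default dynamic range. Confirm on
# the host with `netsh interface ipv4 show dynamicport udp`; older Windows
# versions used a low range starting at 1024.
DEFAULT_DYNAMIC_RANGE = (49152, 65535)

# Constructed sample of `netstat -ano` output; PID 1234 stands in for dns.exe.
# Port 2222 is deliberately placed outside both expected categories.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING       1234
  TCP    [::]:53                [::]:0                 LISTENING       1234
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       808
  UDP    0.0.0.0:53             *:*                                    1234
  UDP    192.0.2.10:49687       *:*                                    1234
  UDP    192.0.2.10:51204       *:*                                    1234
  UDP    192.0.2.10:2222        *:*                                    1234
  UDP    0.0.0.0:500            *:*                                    912
"""


def parse_netstat(text):
    """Yield (proto, local_port, pid) for every TCP/UDP line of netstat -ano."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header, blank line
        # TCP lines carry a State column and UDP lines do not, so take the
        # PID from the end and the port from the local address column.
        pid = int(fields[-1])
        port = int(fields[1].rsplit(":", 1)[1])  # works for [::]:53 too
        yield fields[0], port, pid


def classify_port(port, dynamic_range=DEFAULT_DYNAMIC_RANGE):
    """Map a local port to one of the three triage categories."""
    if port == DNS_PORT:
        return "service"
    lo, hi = dynamic_range
    if lo <= port <= hi:
        return "ephemeral"
    return "unexpected"


def triage(text, pid, dynamic_range=DEFAULT_DYNAMIC_RANGE):
    """Return {category: sorted list of (proto, port)} for endpoints of `pid`."""
    result = {"service": [], "ephemeral": [], "unexpected": []}
    for proto, port, owner in parse_netstat(text):
        if owner == pid:
            result[classify_port(port, dynamic_range)].append((proto, port))
    for cat in result:
        result[cat] = sorted(set(result[cat]))
    return result


if __name__ == "__main__":
    # On a real server: netstat -ano > netstat.txt, then pass the dns.exe PID
    # from `tasklist /fi "imagename eq dns.exe"` instead of 1234.
    report = triage(SAMPLE_NETSTAT, 1234)
    for cat, endpoints in report.items():
        print(f"{cat:10s} {len(endpoints):4d}  {endpoints}")
```

A healthy server should show only the "service" bucket on 53 (TCP and UDP, on each bound address) plus a possibly large "ephemeral" bucket; ports landing in "unexpected" are the ones worth comparing against the port list nimmo linked and, if they still do not make sense, treating as synner suggests.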
