Full Disclosure mailing list archives

Re: Fw: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte PIX limit


From: Mathias Gerber <mathias () intergga ch>
Date: Thu, 8 May 2003 22:36:16 +0200

Hello hggdh,
On Thu, 8 May 2003 12:09:22 -0500 you wrote:
> FYI. Any ideas?
> We are running the latest version (6.3.1) on our Cisco PIX and it
> appears that there is a hard limit of 512 bytes on ANY UDP packets
> arriving on port 53.  Everything exceeding that is dropped.
AFAIK the DNS uses TCP for larger replies.
-- 
mathias
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

