[Cerowrt-devel] arp for 0.0.0.0
Maciej Soltysiak
maciej at soltysiak.com
Fri Jan 25 13:01:40 EST 2013
On 25 Jan 2013 17:23, "Michael Richardson" <mcr at sandelman.ca> wrote:
> It also seems that there is no control to keep dnsmasq from answering
> on my ge00. I guess some trojans try to use me for DOS amplication by
> asking for isc.org continuously?
There is.
Although dnsmasq listens on 0.0.0.0:53 and :::53 it is not responding on
ge00.
Thanks to list notinterface ge00 in /etc/config/dhcp
This means that port 53 is open, but DNS is not accessible from ge00, see:
solt at mkslnx004:~$ nmap -sV -p 53 A.B.C.D
Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-25 18:55 CET
Nmap scan report for XXXXX (A.B.C.D)
Host is up (0.018s latency).
PORT STATE SERVICE VERSION
53/tcp open tcpwrapped
Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.75 seconds
solt at mkslnx004:~$ nslookup kernel.org A.B.C.D
;; connection timed out; no servers could be reached
If you want to close that down you could be drop all on ge00 by: iptables
-I zone_wan -j DROP
or just filter 53.
Regards,
Maciej
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20130125/87b2ed1a/attachment-0002.html>
More information about the Cerowrt-devel
mailing list