Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

don't understand some firewall log activities

Posted on 2001-06-04
3
Medium Priority
?
205 Views
Last Modified: 2013-11-16
this is the screen capture from the checkpoint firewall log viewer. Please take a look first

http://free4home.dns2go.com/~adrian/screen01.jpg



I always find that these two hosts connect my firewall thru service is domain-udp.
Actually these two hosts is from our ISP

What are they doing ?
0
Comment
Question by:adrianmak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Housenet
ID: 6154773
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6154774
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 1

Accepted Solution

by:
Haho earned 20 total points
ID: 6159094
yes it does seem like DNS query packets..
DNS query uses UDP but DNS zone transfer uses TCP.
Is your servers a DNS server.. that would explain your ISP querying your server for xxx.com because your server is the authorative DNS server for xxx.com.

Cheers
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
What we learned in Webroot's webinar on multi-vector protection.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question