Solved

don't understand some firewall log activities

Posted on 2001-06-04
3
200 Views
Last Modified: 2013-11-16
this is the screen capture from the checkpoint firewall log viewer. Please take a look first

http://free4home.dns2go.com/~adrian/screen01.jpg



I always find that these two hosts connect my firewall thru service is domain-udp.
Actually these two hosts is from our ISP

What are they doing ?
0
Comment
Question by:adrianmak
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Housenet
ID: 6154773
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6154774
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 1

Accepted Solution

by:
Haho earned 5 total points
ID: 6159094
yes it does seem like DNS query packets..
DNS query uses UDP but DNS zone transfer uses TCP.
Is your servers a DNS server.. that would explain your ISP querying your server for xxx.com because your server is the authorative DNS server for xxx.com.

Cheers
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Upgrade BIOS / EUFI at Scale 4 69
android samsung attempts 10 59
Home security 15 58
ow do I browse the internet secretly? 6 44
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question