Solved

don't understand some firewall log activities

Posted on 2001-06-04
3
203 Views
Last Modified: 2013-11-16
this is the screen capture from the checkpoint firewall log viewer. Please take a look first

http://free4home.dns2go.com/~adrian/screen01.jpg



I always find that these two hosts connect my firewall thru service is domain-udp.
Actually these two hosts is from our ISP

What are they doing ?
0
Comment
Question by:adrianmak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Housenet
ID: 6154773
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6154774
-Looks to me to be simple DNS traffic. port 53 UDP protocol 7. You cannot resolve sites from the lan with regular DNS queries..
0
 
LVL 1

Accepted Solution

by:
Haho earned 5 total points
ID: 6159094
yes it does seem like DNS query packets..
DNS query uses UDP but DNS zone transfer uses TCP.
Is your servers a DNS server.. that would explain your ISP querying your server for xxx.com because your server is the authorative DNS server for xxx.com.

Cheers
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question