Page 1 of 1

tcp/udp ports that dnslookups use

Posted: Fri Feb 02, 2007 1:49 pm
by Burrito
google is not being very helpful on this issue.

I need to know what port(s) dns lookups go through.

I'm setting up a dns server and putting it behind a firewall. Need to know what I need to poke through.

thanks,

Burr

Posted: Fri Feb 02, 2007 2:02 pm
by Burrito
nevermind, I found it...it's 53

Posted: Fri Feb 02, 2007 3:50 pm
by Chris Corbyn
:) I was lookg forward to responding too.

Useful tip for the future. Open up /etc/services and look in there. You can also use a tool called nmap (no joke here, use it sparingly) to "scan" anothert machine for open ports and return a list, usually indicating hat the port is commonly used for:

Code: Select all

d11wtq@w3style.co.uk:~$ nmap swiftmailer.org

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-02-02 21:48 UTC
Interesting ports on swiftmailer.org (217.147.94.70):
(The 1658 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
80/tcp  open  http
143/tcp open  imap
993/tcp open  imaps

Nmap finished: 1 IP address (1 host up) scanned in 9.355 seconds
d11wtq@w3style.co.uk:~$ nmap smtp.swiftmailer.org

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-02-02 21:48 UTC
Interesting ports on w3style.co.uk (217.147.94.117):
(The 1656 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
25/tcp  open  smtp
53/tcp  open  domain
80/tcp  open  http
143/tcp open  imap
993/tcp open  imaps

Nmap finished: 1 IP address (1 host up) scanned in 0.142 seconds
d11wtq@w3style.co.uk:~$
Can you tell they're the same server with multiple IP's? :P