How To Guide: Allow TCP and UDP Port 53 to DNS Servers

This how-to guide offers instructions for allowing firewalls to forward both TCP and UDP port 53 packets.

By Enterprise Networking Planet Staff | Posted Aug 24, 2010

A guide on Network World tells users how to permit forwarding of both TCP and UDP port 53 packets. This is necessary because of the possible deployment of DNSSEC and the addition of IPv6 that will occur in the coming years. Included in the guide are sections on firewall commands and testing.
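
Why both protocols matter, as an added example that is not taken from the Network World guide: when a UDP reply arrives with the truncation (TC) bit set, as can happen with large DNSSEC responses, the resolver must repeat the query over TCP port 53, so a firewall that passes only UDP breaks resolution. The function names and sample messages below are constructed for illustration.

```python
import struct

QR_FLAG = 0x8000  # message is a response
TC_FLAG = 0x0200  # response was truncated to fit the UDP payload (RFC 1035)

def build_query(name, qtype, txid=0x1234):
    """Encode a one-question query (qtype 28 = AAAA, 48 = DNSKEY)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_header(msg):
    """Return the transaction id and flags word of a DNS message."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    txid, flags = struct.unpack("!HH", msg[:4])
    return txid, flags

def needs_tcp_retry(query, udp_reply):
    """True when the UDP reply matches the query and has the TC bit set."""
    q_id, _ = parse_header(query)
    r_id, r_flags = parse_header(udp_reply)
    return bool(r_flags & QR_FLAG) and r_id == q_id and bool(r_flags & TC_FLAG)

def frame_for_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def unframe_tcp(stream):
    """Extract one complete message from a TCP byte stream."""
    if len(stream) < 2:
        raise ValueError("length prefix missing")
    (size,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + size:
        raise ValueError("message incomplete")
    return stream[2:2 + size]

# Constructed sample messages (not captured traffic).
SAMPLE_QUERY = build_query("example.org", 48)
_question = SAMPLE_QUERY[12:]
SAMPLE_TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + _question
SAMPLE_COMPLETE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0) + _question

if __name__ == "__main__":
    for label, reply in (("truncated", SAMPLE_TRUNCATED), ("complete", SAMPLE_COMPLETE)):
        print(label, "-> retry over TCP/53:", needs_tcp_retry(SAMPLE_QUERY, reply))
```

A reply whose transaction id does not match the outstanding query is ignored, so an unrelated or forged datagram does not trigger the TCP retry.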


"DNS can be used by attackers as one of their reconnaissance techniques. Public information contained in a target's servers is valuable to an attacker and helps them focus their attacks. Attackers can use a variety of techniques to retrieve DNS information through queries. However, hackers often try to perform a zone transfer from your authoritative DNS servers to gain access to even more information. You can use the dig command to gather information from a server for a specific zone file. dig @192.168.11.24 example.org -t AXFR"

Read the Full Guide at Network World
