Re: [OT] port 53

To: debian-user@lists.debian.org
Cc: debian-user@lists.debian.org
Subject: Re: [OT] port 53
From: lina <lina.lastname@gmail.com>
Date: Mon, 2 Jul 2012 10:37:24 +0800
Message-id: <[🔎] CAG9cJm=F8PLbBi=hTVppyeAJwThYCckRrqw3Byq-kx1AcmXn-A@mail.gmail.com>
In-reply-to: <[🔎] 20120701220423.2872913c@jretrading.com>
References: <[🔎] CAG9cJm=zG+FnpaL_LJdBR2d9y5W30i41HJOQy4+X58kP5S10sg@mail.gmail.com> <[🔎] 20120701220423.2872913c@jretrading.com>

On Mon, Jul 2, 2012 at 5:04 AM, Joe <joe@jretrading.com> wrote:
> On Sun, 1 Jul 2012 23:26:58 +0800
> lina <lina.lastname@gmail.com> wrote:
>
>> Hi,
>>
>> (1) What shall I do if lots of foreign address connected to my port 53
>> (details see the bottom),
>>
>
> Not worry about it. I get a lot of attempted connections to 53, which
> are all completely bogus as no public DNS server has run on this IP
> address for at least thirteen years that I know of, and my IP address is
> certainly not listed anywhere as a nameserver for any of my domains.
> Many connections come from China...

It's the first time I notice this phenomenon. :-) indeed worry lots at
that time. Thanks.
A quite interesting piece of news is that many Chinese domestic
computers are controlled by oversea IP address. (See the link
http://english.cntv.cn/20120320/107134.shtml)
>
> There have been a number of BIND vulnerabilities over the years, and
> I'm sure MS has had a similar number, and there are a few weaknesses
> involved theoretically with DNS. Control of a DNS server, even a
> private one, is a rich prize for a cracker, so it's a heavily-attacked
> service.
>
>> (2) ssh: Could not resolve hostname at the same time.
>
> I wouldn't see much connection there. It sounds as if something is
> amiss with your DNS setup, as others have said. Your local DNS server,
> whatever it is, should not be open to the Internet, and there really
> should be no link with these external connection attempts.

I don't know how to check the "amiss" you mentioned above.

>
>>
>> (3) Seems it's initiated by iceweasle.
>>
>
> Mine mostly are random, but some of them have some connection with
> whatever my son does by way of Internet gaming. His computer is in my
> DMZ.
>
> If you're browsing commercial sites, you're probably accessing many
> other sites without your knowledge. Just about every commercial webpage
> now seems to include JavaScript to connect to all the social networks
> known to Man, as well as various Google functions and ad trackers. I
> run No-Script in FF/IW (there are many other script-control add-ins)
> to try to minimise this rubbish, but most web designers today seem
> incapable of displaying anything without using JavaScript.

Best regards,
>
> --
> Joe
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20120701220423.2872913c@jretrading.com">http://lists.debian.org/[🔎] 20120701220423.2872913c@jretrading.com
>

Reply to:

References:
- [OT] port 53
  - From: lina <lina.lastname@gmail.com>
- Re: [OT] port 53
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: VMBuilder for for squeeze
Next by Date: Re: [OT] port 53
Previous by thread: Re: [OT] port 53
Next by thread: Re: [OT] port 53
Index(es):
- Date
- Thread