Jump to content
Compatible Support Forums
Sign in to follow this  
kgeissler

Why would my firewall block DNS requests?

Recommended Posts

Here is an event I have in my Zone Alarm Pro log:

 

The firewall has blocked Internet access to your computer (UDP Port 7062) from 204.127.202.4 (DNS).

 

Why would zone alarm block this? Any idea?

Share this post


Link to post

Well, I am not familiar with that port number (you can check out port listings here for more info) and DNS resolution is normally hosted on port 53. But, in general, you don't want any external traffic to look to your network for name resolution if you have DNS servers that are only meant for your network. Now, if you were hosting your own Name Servers for external resolution of subdomains for your TLD, that would be a different story. But, it sounds like you aren't, so I wouldn't let them in anyway.

 

smile

Share this post


Link to post

Maybe you were portscanned and the firewall detected that and automatically blocked the IP. However the attacker can spoof his IP and hide behind your provider's DNS, therefore locking you out of the Internet, lol.

 

I don't think that's the case, but maybe the NetBios name of that IP address IS actually DNS, lol too.

Share this post


Link to post

I would guess a port scan. Look at how high the origin port number is. Typically a PC will increment the port number for nonstandard tcp/ip proceesses. For example, if I ran a particular network app 4 times, the first use may use an outgoing port of say 4010, the second 4011, the third 4012 ... get the idea. Now that is just the origin port on my PC. If I were using a generic service, like FTP, then the destination port would be 21 in all the above examples. There are many exceptions to this, as a lot of software is made to use a specific port even for outgoing transmittions. Well, I hope this helped a little.

 

-RY

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×