[AusNOG] SRV Records

Nicholas Meredith nicholas at udhaonline.net
Tue Jul 15 18:46:01 EST 2014


I have never heard of anyone blocking them before, don't block them unless
you know exactly why you would want to do so.


On Tue, Jul 15, 2014 at 6:41 PM, ANSA SERVERS <info at ausnetservers.net.au>
wrote:

>  Hey Guys,
>
>
>
> Quick question for all the network security buffs on the list….
>
>
>
> Are SRV dns records dangerous and should we continue to  block them at our
> border router?
>
>
>
> I am asking this because we are seeing massive amounts of traffic being
> blocked (and ips hitting out blacklist) from our network because they are
> trying to query our dns cluster for these records.
>
>
>
> These are the default options in the dns proxy policy for the firewall
> that where set when it was installed – but we already know the people that
> installed the firewall had no idea what they were doing…
>
>
>
> So what exactly are these SRV records and what are they used for. We have
> no reason to block them if they pose no risk to our network.
>
>
>
> Regards,
>
>
>
> *Matthew Matters  *Managing Director / CEO of Aus Net Servers Australia
> Pty Ltd
> Management Department  |  Small Business Hosting Sales & Services  |  Aus
> Net Servers Australia Pty Ltd
>
> P  1300 933 038  |  M  0428 028 091  |  E  mmatters at ausnetservers.net.au |
>  W  www.ausnetservers.net.au
>
> ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated
> Hosting Solutions For Small Business Since 2007
>
>
>  [image: LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image:
> Twitter] <http://www.twitter.com/ansaservers>The information transmitted
> in this e-mail is for the exclusive use of the intended addressee and may
> contain confidential and/or privileged material. Any review,
> re-transmission, dissemination or other use of it, or the taking of any
> action in reliance upon this information by persons and/or entities other
> than the intended recipient is prohibited. If you received this in error,
> please inform the sender and/or addressee immediately and delete the
> material. If you have been sent this email and it is not addressed to you
> please forward the email as is to hostmaster at ausnetservers.net.au and
> delete all local and inta-local copies including backups from your system.
> E-mails may not be secure, may contain computer viruses and may be
> corrupted in transmission. Please carefully check this e-mail (and any
> attachment) accordingly. No warranties are given and no liability is
> accepted for any loss or damage caused by such matters. This email has been
> scanned before transmission with business grade antivirus and antispam
> software but as mentioned above no warranties can be given that the email
> has not been contaminated after transmission.
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140715/f10f9cb6/attachment.html>


More information about the AusNOG mailing list