There will be too many speculations to your question because there is some missing information:

1. What is your cleanup rule like?
2. What are your policy properties?
3. What are you logging?
4. Have you created a rule to monitor DNS queries?

If the policy properties, for example, list DNS UDP queries as First, then they won't be logged and yes, it will answer queries for internal machines. That's why you either 1) put a primary DNS server in the external DMZ and create a secondary DNS server on the private side forwarding queries to the external DNS for name resolution; or 2) you completely block DNS queries to the inside.
David C. Diemer, CCSE
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
200 Piedmont Ave. SE, Suite 1420, West Tower
Atlanta, GA 30334

>>> "Scott Kellerman" 04/17/01 02:27PM >>>
I have noticed that when I'm at home, not connected to our network at work, I have the ability to use our internal DNS server to resolve addresses on my home machine. I have no access set up to our DNS servers from the outside, and when I watch the logs, I see nothing come in to the internal DNS server when I use it from home... But it resolves the addresses of even internal non-routable machines from home. Any ideas why? Thanks.
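To verify from the outside what Scott describes, here is an added example (not part of this thread, and not a Check Point tool): a small Python audit that builds a recursive A query for a name in your own internal zone and parses the reply for the RA flag and any RFC1918 addresses in the answers. The functions `build_query`, `_read_name` and `audit_response`, the name `host.example.internal` and the `SAMPLE_REPLY` bytes are all constructed for this example; to test a real server, send `build_query()` output to it over UDP/53 and hand the reply bytes to `audit_response()`.

```python
import ipaddress
import struct

def build_query(name, txid=0x1234):
    """Standard recursive A query (RD bit set, class IN) for `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def _read_name(data, off):
    """Decode a possibly compressed DNS name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        ln = data[off]
        if (ln & 0xC0) == 0xC0:                    # compression pointer
            end = end if end is not None else off + 2
            off = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if ln == 0:
            return ".".join(labels), (end if end is not None else off)
        labels.append(data[off:off + ln].decode())
        off += ln

def audit_response(data):
    """Parse a raw DNS reply: recursion offered (RA), rcode, A records, RFC1918 leaks."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):                            # skip the question section
        _, off = _read_name(data, off)
        off += 4
    addrs = []
    for _ in range(an):
        _, off = _read_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:              # A record
            addrs.append(str(ipaddress.IPv4Address(data[off:off + 4])))
        off += rdlen
    private = [a for a in addrs if ipaddress.ip_address(a).is_private]
    return {"ra": bool(flags & 0x0080), "rcode": flags & 0x000F,
            "a_records": addrs, "private": private}

# Constructed sample reply (not captured from any real server): RA set, one answer
# host.example.internal -> 10.1.2.3, with a compression pointer back to the question.
SAMPLE_REPLY = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + b"\x04host\x07example\x08internal\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([10, 1, 2, 3])
)
```

If `ra` is true and `private` is non-empty for a query sent from outside, the server is answering exactly as Scott saw; the remedies are the ones in David's reply, split DNS with a forwarder on the private side, or blocking DNS queries to the inside altogether.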