Solved

Do I have somthing to worry about?

Posted on 2001-08-02
1
127 Views
Last Modified: 2010-04-13
I'm running W2K advance server with Mcafee firewall software.  I found this line in the firewall logs was wondering if I need to be worried about it:

2001/08/02 12:14:41 AM: SERVICES port 68 (Bootp client) -  listening , lasting 61 second(s), 1200 bytes sent, 0 bytes received.

In my server logs, I found 12 different countries trying to get /default.ida.  I have all patches and hot fixes applied.  Any clues?

Also, how do I close port 68?
Stephen G
0
Comment
Question by:StephenG
1 Comment
 
LVL 5

Accepted Solution

by:
Draak earned 100 total points
ID: 6343812
there are two ports used for the bootp process on your server:
port 67 is used for the server requests. This means that any client requests for IP address from a dhcpserver enter that dhcpserver through port 67.

port 68 id used for the client requests. This means that if the Server gets an ip address from a dhcpserver, it will send the request through port 68 on to the network to a dhcpserver.

If your server receives an ip address from an ISP for the internet connection, then it sends this request for the ip address through port 68 to the dhcpserver of your ISP. If you close the port, then the server is unable to recieve an internet address, thus cutting your internet connection.

If you do not have any machine that need to receive an ip address  from a dhcpserver from across your firewall, you may close the port 68 and even the port 67.

closing port 67 prevents any client to send a request to your network from across the firewall.

closing port 68 prevents any of your client to send a request for ip to a dhcpserver acroos the firewall.

best regards

draak
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now