Solved

Do I have something to worry about?

Posted on 2001-08-02
Last Modified: 2010-04-13
I'm running W2K Advanced Server with McAfee firewall software. I found this line in the firewall logs and was wondering if I need to be worried about it:

2001/08/02 12:14:41 AM: SERVICES port 68 (Bootp client) -  listening , lasting 61 second(s), 1200 bytes sent, 0 bytes received.

In my server logs, I found 12 different countries trying to get /default.ida.  I have all patches and hot fixes applied.  Any clues?

Also, how do I close port 68?
Stephen G
Question by:StephenG
Accepted Solution

by:
Draak earned 100 total points
ID: 6343812
There are two ports used for the bootp process on your server:
Port 67 is used for the server requests. This means that any client requests for an IP address from a DHCP server enter that DHCP server through port 67.

Port 68 is used for the client requests. This means that if the server gets an IP address from a DHCP server, it will send the request through port 68 on to the network to a DHCP server.

If your server receives an IP address from an ISP for the internet connection, then it sends this request for the IP address through port 68 to the DHCP server of your ISP. If you close the port, then the server is unable to receive an internet address, thus cutting your internet connection.

If you do not have any machines that need to receive an IP address from a DHCP server from across your firewall, you may close port 68 and even port 67.

Closing port 67 prevents any client from sending a request to your network from across the firewall.

Closing port 68 prevents any of your clients from sending a request for an IP to a DHCP server across the firewall.

best regards

draak
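
The port roles described in the accepted answer, as an added example that is not part of the original thread: a Python check that parses a BOOTP/DHCP payload and confirms that client requests travel from UDP port 68 to 67 and server replies from 67 to 68. The packets, MAC address and function names are constructed for illustration, and relay-agent traffic is not modeled.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
DHCP_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def build_bootp(op, xid, mac, msg_type):
    """Build a minimal BOOTP/DHCP payload (constructed sample data)."""
    # op, htype=1 (Ethernet), hlen=6, hops, xid, secs, flags, four zeroed IPv4 fields
    fixed = struct.pack("!BBBBIHH16s", op, 1, 6, 0, xid, 0, 0x8000, b"")
    chaddr = mac.ljust(16, b"\x00")           # client hardware address, padded
    legacy = b"\x00" * 192                    # sname (64 bytes) + file (128 bytes)
    options = bytes([53, 1, msg_type, 255])   # option 53 = message type, 255 = end
    return fixed + chaddr + legacy + MAGIC_COOKIE + options

def parse_bootp(payload):
    """Return (op, DHCP message type name); raise ValueError if malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP payload")
    i, msg = 240, None
    while i < len(payload) and payload[i] != 255:
        if payload[i] == 0:                   # pad option carries no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        if code == 53 and length == 1:
            msg = DHCP_TYPES.get(payload[i + 2], "type %d" % payload[i + 2])
        i += 2 + length
    return payload[0], msg

def check_datagram(src_port, dst_port, payload):
    """Compare the BOOTP op code with the UDP ports the datagram used."""
    op, msg = parse_bootp(payload)
    if op == 1 and (src_port, dst_port) == (68, 67):
        return "client request (%s)" % msg    # BOOTREQUEST leaving the client
    if op == 2 and (src_port, dst_port) == (67, 68):
        return "server reply (%s)" % msg      # BOOTREPLY returning to the client
    return "mismatch: op=%d %s on ports %d->%d" % (op, msg, src_port, dst_port)

MAC = bytes.fromhex("020000000001")           # constructed, locally administered
DISCOVER = build_bootp(1, 0x1234, MAC, 1)
OFFER = build_bootp(2, 0x1234, MAC, 2)

if __name__ == "__main__":
    print(check_datagram(68, 67, DISCOVER))
    print(check_datagram(67, 68, OFFER))
    print(check_datagram(68, 67, OFFER))      # reply arriving on the request path
```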