Solved

Several attempts on our firewall on port 113? Is this needed?

Posted on 2008-10-30
6
286 Views
Last Modified: 2013-11-16
I have noticed several connections from external IP addresses attempting to connect to our firewall's main Ip address on port 113. They are all being blocked, but I am wondering what these connections are and why are they being attempted?

Can someone help me with this?
0
Comment
Question by:nichiaiinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 22856804
Port 113 is used for Authentication Service / Identification Protocol; as the connections are blocked and you do not have any open service you need not bother. If you wish, you can put the IP under blocked site or the port under blocked ports; also you might wish to contact your ISP and blacklist the sender completely.

Thank you.
0
 

Author Comment

by:nichiaiinc
ID: 22860317
thanks again for answering another one of my questions DPK WAL. Is there any possibility that these connections could be legitimate and I should be allowing them through?
0
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 500 total points
ID: 22860409
If you are not hosting any service which needs the incoming session then they cannot be legitimate; if the application needs incoming connection which are part of the session then they would be allowed by the firewall [but not on a different port].

Are you running in any problem where some of the auth service not working properly; if none then I do not think that the connections are legitimate.

Thank you.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 32

Expert Comment

by:dpk_wal
ID: 22860725
You are welcome; happy I could be of assistance! :)
0
 

Author Comment

by:nichiaiinc
ID: 22860650
thanks DPK WAL!
0
 

Author Closing Comment

by:nichiaiinc
ID: 31511607
Perfect!
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question