TCP Source Port 0

Posted on 2011-10-27
Last Modified: 2012-05-12
for TCP Source Port 0 cisco say: there may be malicious activity going on

am getting this alert on my IPS

how to dig down more, where to look whats going on
Question by:osloboy
    LVL 32

    Expert Comment


    TCP port 0 is a reserved well know port as defined by IANA. So, you  should not see this port being used, else it is being crafted by malicious users.

    harbor235 ;}
    LVL 35

    Accepted Solution

    You could check the ip addresses (do a trace or a dig) to see where it's coming from, then decide if you want to block those.
    LVL 39

    Expert Comment

    Port 0 is reserved by IANA, it is used by IP applications  to indicate the use of a computer generated  (ephemeral port) number.
    Depending on the system the range of available numbers varies.  ( )
    As such it should never occur "in the wild".


    Author Closing Comment


    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
    Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now