Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


TCP Source Port 0

Posted on 2011-10-27
Medium Priority
Last Modified: 2012-05-12
for TCP Source Port 0 cisco say: there may be malicious activity going on

am getting this alert on my IPS

how to dig down more, where to look whats going on
Question by:osloboy
LVL 32

Expert Comment

ID: 37042436

TCP port 0 is a reserved well know port as defined by IANA. So, you  should not see this port being used, else it is being crafted by malicious users.


harbor235 ;}
LVL 35

Accepted Solution

Ernie Beek earned 1500 total points
ID: 37043363
You could check the ip addresses (do a trace or a dig) to see where it's coming from, then decide if you want to block those.
LVL 41

Expert Comment

ID: 37043412
Port 0 is reserved by IANA, it is used by IP applications  to indicate the use of a computer generated  (ephemeral port) number.
Depending on the system the range of available numbers varies.  (  http://www.ncftp.com/ncftpd/doc/misc/ephemeral_ports.html )
As such it should never occur "in the wild".


Author Closing Comment

ID: 37048959

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
This blog will spread awareness about Dropbox. We have given the statements based upon our experience. Along with this, there is a section of some new plans that should be added in Dropbox this year. This will make the storage service enhanced from …
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question