Solved

UDP coming in firewall?

Posted on 2012-12-28
6
391 Views
Last Modified: 2013-01-04
It appears UDP packets are coming from the Internet through the Firewall to specific servers.  

Anyone have any idea how this might have happened?  The firewall solution was IPtables.

Any thoughts would be appreciated.
0
Comment
Question by:NYGiantsFan
6 Comments
 
LVL 15

Assisted Solution

by:Frabble
Frabble earned 134 total points
ID: 38728424
It would help if you gave the source and destination ports. They could be return traffic for connections initiated by the servers. You should also be aware that Unix systems use UDP ports 33434 to 33534 for traceroute so are you allowing these in from the outside?
0
 

Author Comment

by:NYGiantsFan
ID: 38728975
I will get those ports shortly. The firewall has NAT. The Destination IP was a private IP address.  (10.16.0.15)
0
 

Author Comment

by:NYGiantsFan
ID: 38729036
Hi,
The source IP address port was 25033 and the destination IP address is 2877.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 166 total points
ID: 38732522
Is the traffic coming into your firewall with the destination IP address of 10.16.0.15, or is this what the public IP address is NAT'ed to?

If 10.16.0.15 is what the NAT translates to, is that IP address valid on your network?

Does is have a service/task listening on UDP port 2877?
0
 
LVL 12

Accepted Solution

by:
DarinTCH earned 200 total points
ID: 38733922
UDP traffic is a legitimate type of traffic for many protocols

so unless we know what your allowing and blocking
protocol wise
its hard to say

was the traffic originated from outside or did your system generate something and your only looking at the return session???

IPTables is a very sinple FW at best

it can be tweaked and used to control traffic to a degree but IT IS NOT a legitimate Enterprise solution

that's why there are several Networking/security companys making the big bucks selling FW
even a open source FW would provide more than IPTables
0
 

Author Closing Comment

by:NYGiantsFan
ID: 38744746
My question was rather vague.  I will refine the question.  Thank you everyone for your thoughts.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question