Solved

UDP ports, almost all are open

Posted on 2013-11-02
5
425 Views
Last Modified: 2013-11-08
hi all,

running server 2003 w/ exchange 2003

running a netstat -aa and readout is ALARMING!

there are atleast 200 random ports like -

UDP   server:5852    *.*
UDP   server:1594    *.*

the only services that are Port forwarded from firewall are 25, 80, 443, 3389


where can i start looking?
0
Comment
Question by:Mutogi
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Shadowless127
ID: 39619251
When you say firewall, do you mean Windows firewall or network firewall?

Also, is your antivirus/antimalware on the server up to date?
0
 
LVL 3

Author Comment

by:Mutogi
ID: 39619259
yes, i use Vipre business and upto an hour ago yes.

firewall/routor is Untangle, new install from scratch and new harddrive
0
 
LVL 9

Assisted Solution

by:Shadowless127
Shadowless127 earned 250 total points
ID: 39619263
So it's a separate firewall.

I would check the logs in untangle and see what traffic is going/coming from the IP of the server.  If you have no software firewall enabled on the sever it will still have all it's ports open but untangle will filter which ports go to the outside and come in to the inside.
0
 
LVL 3

Accepted Solution

by:
Mutogi earned 0 total points
ID: 39619960
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0
 
LVL 3

Author Closing Comment

by:Mutogi
ID: 39632967
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question