Solved

UDP ports, almost all are open

Posted on 2013-11-02
5
398 Views
Last Modified: 2013-11-08
hi all,

running server 2003 w/ exchange 2003

running a netstat -aa and readout is ALARMING!

there are atleast 200 random ports like -

UDP   server:5852    *.*
UDP   server:1594    *.*

the only services that are Port forwarded from firewall are 25, 80, 443, 3389


where can i start looking?
0
Comment
Question by:Mutogi
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Shadowless127
Comment Utility
When you say firewall, do you mean Windows firewall or network firewall?

Also, is your antivirus/antimalware on the server up to date?
0
 
LVL 3

Author Comment

by:Mutogi
Comment Utility
yes, i use Vipre business and upto an hour ago yes.

firewall/routor is Untangle, new install from scratch and new harddrive
0
 
LVL 9

Assisted Solution

by:Shadowless127
Shadowless127 earned 250 total points
Comment Utility
So it's a separate firewall.

I would check the logs in untangle and see what traffic is going/coming from the IP of the server.  If you have no software firewall enabled on the sever it will still have all it's ports open but untangle will filter which ports go to the outside and come in to the inside.
0
 
LVL 3

Accepted Solution

by:
Mutogi earned 0 total points
Comment Utility
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0
 
LVL 3

Author Closing Comment

by:Mutogi
Comment Utility
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now