Solved

UDP ports, almost all are open

Posted on 2013-11-02
5
412 Views
Last Modified: 2013-11-08
hi all,

running server 2003 w/ exchange 2003

running a netstat -aa and readout is ALARMING!

there are atleast 200 random ports like -

UDP   server:5852    *.*
UDP   server:1594    *.*

the only services that are Port forwarded from firewall are 25, 80, 443, 3389


where can i start looking?
0
Comment
Question by:Mutogi
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Shadowless127
ID: 39619251
When you say firewall, do you mean Windows firewall or network firewall?

Also, is your antivirus/antimalware on the server up to date?
0
 
LVL 3

Author Comment

by:Mutogi
ID: 39619259
yes, i use Vipre business and upto an hour ago yes.

firewall/routor is Untangle, new install from scratch and new harddrive
0
 
LVL 9

Assisted Solution

by:Shadowless127
Shadowless127 earned 250 total points
ID: 39619263
So it's a separate firewall.

I would check the logs in untangle and see what traffic is going/coming from the IP of the server.  If you have no software firewall enabled on the sever it will still have all it's ports open but untangle will filter which ports go to the outside and come in to the inside.
0
 
LVL 3

Accepted Solution

by:
Mutogi earned 0 total points
ID: 39619960
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0
 
LVL 3

Author Closing Comment

by:Mutogi
ID: 39632967
after all the work with finding this rouge 512byte packets being sent out on broadcast i was able to use colasoft packet capture and find the mac that was doing it.

Our Hopper from DISH must have a bad card or software, unplugged it network is very quite indeed.

sorry dish your fired!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Log files are useful in diagnosing and repairing problems.  This is a list of common log files and their standard locations that I've compiled.   While this is not exhaustive, it is a pretty good list that I've found to be useful.  I may update it f…
This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now