Solved

QID 34020 UDP firewall vulnerability

Posted on 2016-11-02
2
123 Views
Last Modified: 2016-11-21
QID 34020 UDP firewall vulnerability. How do I fix this?
0
Comment
Question by:Larry Childress
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points (awarded by participants)
ID: 41870507
I believe you are referring to UDP Source Port Pass Firewall findings. This means your firewall policy seems to allow UDP packets with a specific source port (for example, port 53) to pass through while it blocks UDP packets to the same destination ports but with a random source port. It is possible that the firewall also allows UDP packets with other well-known ports as source ports to go through.

You'll need a rule which monitors session state, likely a firewall (hardware or host based), so that this traffic is only allowed if your servers already sent an outgoing request to the destinated servers (for port 53 case, it is DNS server on UDP 53).
0
 
LVL 63

Expert Comment

by:btan
ID: 41895645
As suggested.
0

Featured Post

Increase your protection from Zero Day threats!

Running two Antivirus' is never a good idea.
Taking advantage of Multiple Security layers on the other hand can often save your hide.
See which top notch security software brands have been proven to happily coexist together.
Reduce your chances of becoming a statistic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brand new malware strain was recently discovered by security researchers at Palo Alto Networks dubbed “AceDeceiver.” This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question