Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

QID 34020 UDP firewall vulnerability

Posted on 2016-11-02
2
Medium Priority
?
343 Views
Last Modified: 2016-11-21
QID 34020 UDP firewall vulnerability. How do I fix this?
0
Comment
Question by:Larry Childress
  • 2
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points (awarded by participants)
ID: 41870507
I believe you are referring to UDP Source Port Pass Firewall findings. This means your firewall policy seems to allow UDP packets with a specific source port (for example, port 53) to pass through while it blocks UDP packets to the same destination ports but with a random source port. It is possible that the firewall also allows UDP packets with other well-known ports as source ports to go through.

You'll need a rule which monitors session state, likely a firewall (hardware or host based), so that this traffic is only allowed if your servers already sent an outgoing request to the destinated servers (for port 53 case, it is DNS server on UDP 53).
0
 
LVL 65

Expert Comment

by:btan
ID: 41895645
As suggested.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question