Solved

QID 34020 UDP firewall vulnerability

Posted on 2016-11-02
2
187 Views
Last Modified: 2016-11-21
QID 34020 UDP firewall vulnerability. How do I fix this?
0
Comment
Question by:Larry Childress
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points (awarded by participants)
ID: 41870507
I believe you are referring to UDP Source Port Pass Firewall findings. This means your firewall policy seems to allow UDP packets with a specific source port (for example, port 53) to pass through while it blocks UDP packets to the same destination ports but with a random source port. It is possible that the firewall also allows UDP packets with other well-known ports as source ports to go through.

You'll need a rule which monitors session state, likely a firewall (hardware or host based), so that this traffic is only allowed if your servers already sent an outgoing request to the destinated servers (for port 53 case, it is DNS server on UDP 53).
0
 
LVL 64

Expert Comment

by:btan
ID: 41895645
As suggested.
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question