Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
What UDP traffic should I allow
- Thread starter ianbla
- Start date
HI.
Post here some of those lines to get more info.
Regular UDP traffic is DNS which is normaly on port 53 but not always (some linux based mail servers use random ports for DNS - I don't know why and how exactly).
UDP port 1434 is related to the latest SQL worm and should normaly be blocked.
UDP port 137 is for Netbios and should be blocked - but you will get probes on that ports regulary.
A common pix configuration will block all inbound UDP traffic, and will permit outbound UDP traffic to port 53 unless any outbound traffic is permitted (the default implicit outbound rule).
Bye
Yizhar Hurwitz
Post here some of those lines to get more info.
Regular UDP traffic is DNS which is normaly on port 53 but not always (some linux based mail servers use random ports for DNS - I don't know why and how exactly).
UDP port 1434 is related to the latest SQL worm and should normaly be blocked.
UDP port 137 is for Netbios and should be blocked - but you will get probes on that ports regulary.
A common pix configuration will block all inbound UDP traffic, and will permit outbound UDP traffic to port 53 unless any outbound traffic is permitted (the default implicit outbound rule).
Bye
Yizhar Hurwitz
- Status
Similar threads
- Locked
- Question