[Dshield] Port 0

Jorge Buchmann jbuchmann at intraredes.no-ip.org
Thu May 9 21:57:30 GMT 2002


On Tue, 09 Apr 2002 16:29:39 -0400
David Sentelle wrote:

 | 
 | I see connections to/from port 0 in my firewall logs.  Is my firewall sending invalid messages?  Should port 0 be blocked at the firewall?
 | 
 | TIA¯
 | 

Most firewalls (also home made ones) blocks insecure ports (0->1024) by default.
Some programs (like nmap) can use port 0 as source ports fro testing, also if any run a complete nmap to your system Port 0 is going to be checked, as port 0 is a reserved tcp/udp port you must check if it was an tcp attempt connection or an icmp ping check trying to determine your server OS type.


-- 

Jorge D. Buchmann | intraredes at fibertel.com.ar
                  | jbuchmann at intraredes.no-ip.org
   intraRedes     | http://intraredes.no-ip.org




More information about the list mailing list