[unisog] Port 0

Christensen, Eric CHRISTENSENE at MAIL.ECU.EDU
Thu Oct 27 23:01:02 GMT 2005


Yeah, let me see what I can do.  I'm still new to IDS and Firewalls so I'm
still learning...  :)

Any information is great!

Thanks,
Eric Christensen
Technology Support Specialist
 
ECU Police Department
608C E 10th St
Greenville NC 27858-4353
http://www.ecu.edu/police

EMERGENCY DIAL 911 
(252)328-1155 - Office
(252)328-6787 - 911 Communications
(252)328-6965 - Fax
 
-----Original Message-----
From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org]
On Behalf Of Leigh Vincent
Sent: Thursday, October 27, 2005 6:38 PM
To: unisog at lists.sans.org
Subject: Re: [unisog] Port 0

This seems very strange.  Is there any chance you could give us a sample of
the log file to have a look at.  Mask out the IP addresses etc obviously but
I think there are many of us who would be interested to see these log
entries.

Cheers

Leigh Vincent
Information Security Officer
Information Services
University of Ballarat
PO Box 663
BALLARAT   VIC   3353

Ph.: 03-5327 9386
Mobile: 0439 357 203
l.vincent at ballarat.edu.au

>>> CHRISTENSENE at MAIL.ECU.EDU 10/27/05 11:59 pm >>>
I was reviewing my firewall logs this morning and found a few packets going
to and from port 0.  Apparently they were ICMP packets.  I think that is
probably legitimate but I'm thinking that many computers might accept these
packets thinking they are legit when they are really attacks.  If they are
just ICMP packets you could just block them.  Right?

Thanks,
Eric Christensen
Technology Support Specialist
 
ECU Police Department
608C E 10th St
Greenville NC 27858-4353
http://www.ecu.edu/police 

EMERGENCY DIAL 911
(252)328-1155 - Office
(252)328-6787 - 911 Communications
(252)328-6965 - Fax
_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3116 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20051027/61f7f2f0/smime.bin


More information about the unisog mailing list