Home page logo

basics logo Security Basics mailing list archives

Outbound Port 0 UDP?
From: Mark Bassett <zosxavius () gmail com>
Date: Mon, 06 Jun 2005 13:18:07 -0400

I am getting port 0 UDP outbound attempts from Kerio on one of my windows machines. I know that port 0 is generally a reserved port, but that it is often used for OS fingerprinting (NMAP,etc). These connection attempts are generating from my machine. Norton AV says that I have no virii outside of some non-executed Java virii, and cleaning those did little to alleviate the problem. Kerio's IDS module picks up nothing else outbound that is negative. This is pretty puzzling. Kerio should report what programs show outbound connections in the log and the destination, but unfortunately it does not. Does anyone know if Azureus started using port 0 for some reason?

Also, can anyone recommend a good TCP logger for windows? If I can at least isolate the traffic and figure out where it is going I probably wouldn't be writing this post.


Mark Bassett

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]