mailing list archives
Outbound Port 0 UDP?
From: Mark Bassett <zosxavius () gmail com>
Date: Mon, 06 Jun 2005 13:18:07 -0400
I am getting port 0 UDP outbound attempts from Kerio on one of my
windows machines. I know that port 0 is generally a reserved port, but
that it is often used for OS fingerprinting (NMAP,etc). These
connection attempts are generating from my machine. Norton AV says that
I have no virii outside of some non-executed Java virii, and cleaning
those did little to alleviate the problem. Kerio's IDS module picks up
nothing else outbound that is negative. This is pretty puzzling. Kerio
should report what programs show outbound connections in the log and the
destination, but unfortunately it does not. Does anyone know if Azureus
started using port 0 for some reason?
Also, can anyone recommend a good TCP logger for windows? If I can at
least isolate the traffic and figure out where it is going I probably
wouldn't be writing this post.
- Outbound Port 0 UDP? Mark Bassett (Jun 06)