Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 2 subscribers
  • Views 14708 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UDP source port 0

rbanchieri
Hi,

I have to open a connection from UDP source port 0 to UDP destination port 8254.

But the lower service port I can define is 1.

All the packets are always dropped.
2012:11:16-18:30:13 fw ulogd[4600]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x1000" srcmac="0:22:90:c6[:D]b[:D]a" dstmac="0:c:29:78:5d:34" srcip="178.237.87.12" dstip="10.10.10.10" proto="17" length="1344" tos="0x00" prec="0x00" ttl="61" srcport="0" dstport="8254" 

Any idea on how to do ?
Thank you
Regards,
Romano


This thread was automatically locked due to age.
Parents
  • 0
    FWIW:

    Signature triggers on a UDP packet with a source port equal to 0 (zero).Port 0 is a reserved port, however it is not illegal. Traffic using a source port of 0 should be considered unusual or even suspicious and warrants further investigation.This could also be an attempt to fingerprint an OS or bypass firewall and router access controls.

    Security Intelligence Operations - Cisco Systems

    What application is generating this traffic?

    Barry
Reply
  • 0
    FWIW:

    Signature triggers on a UDP packet with a source port equal to 0 (zero).Port 0 is a reserved port, however it is not illegal. Traffic using a source port of 0 should be considered unusual or even suspicious and warrants further investigation.This could also be an attempt to fingerprint an OS or bypass firewall and router access controls.

    Security Intelligence Operations - Cisco Systems

    What application is generating this traffic?

    Barry
Children
No Data
Unfiltered HTML