Data coming for closed udp port
Results 1 to 2 of 2

Thread: Data coming for closed udp port

  1. #1
    sunday11a
    Guest

    Data coming for closed udp port

    Recently ran my firewall (tiny pro, normally keep it off as i do manual monitoring)
    And the activity monitor showed me
    1) "Access on unopened udp port 16661" from a system in my subnet. Access was prevented. No application on my system is listening on this port. Searched on internet and found that this is used by a trojan HaxDoor. The destination address of this packet is broadcast (255.255.255.255). What could be the cause of this activity. Is the other system infected by this trojan.
    2) "Access on unopened udp port 16889" from a system in my subnet. Access was prevented.
    Found nothing on internet for this port. The packet is destined to xxx.xxx.xxx.255 (my subnet). What could be the reason for this activity.
    3) "Access on unopened udp port 17401" from a system from different subnet. Access was prevented. What application is this port used for. Destination address of this packet yyy.yyy.yyy.255(different subnet).

    What could be the reason for this activity. Is it a trojan advertising itself or something else.
    Any steps to be taken for my system or is it a part of normal acitivity.

    My OS is win2k pro sp4, no file sharing

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    It's trojans or scanners looking for infected machines. I wouldn't worry about it since the ports are closed.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •