UDP Ports 1839 and 1841?

UDP Ports 1839 and 1841?

Post by Fred Peele » Wed, 17 Mar 1999 04:00:00



Hi,

Since March 8th, I have seen approx 500 UDP packets directed at my
firewall's ports 1839 and 1841. I can't find any references (to services or
common trojans) that use those ports. No logs show this traffic before March
8th.

There seems to be one packet sent to each port per probe (or whatever is
going on), with packets being sent every few hours.

I can't see any pattern in the hosts doing the sending, there are at least
10 of them, from all over the world.

Anyone see similar activity? It doesnt seem to be DoS related (too little
traffic), and its not a sweep, it's
directed solely at my firewall box, not any of the ip's around it or even
those pretected by it.

Also, does anyone have any idea why the interest in those two particular
ports?

Fred Peeler, IS Manager
B.E. Peterson, Inc.

 
 
 

1. Ignore all incoming udp/ip and udp/ip on all ports, except open ports?

Hey,
    I want to set my linux box up such that it will not even admit
that it exists (Stealth, if you will) on ports that are not open for
connections.  Port 79 (Finger) for instance, I ran  port scanner on my box
and it responded that the machine exists, and the port is closed.
Is there a to get it to not respond (ignore) incoming connections
altogether?

Also, it is running as a webserver / router / firewall.
I would also like to bind certain services to net devices like
FTP to eth1, so I can access them on my VPN, but not from the
outside eth0.  Is that possible?

If anyone has any ideas I would be most appreciative,
maybe direct me to the appropriate HOWTO?

Thanks,
       Genesis

2. Install linuc from cd without a cd drive

3. ipchains/TCP/UDP, Why should I open UDP ports so that my TCP ports can work?

4. RH5.1: Where is KDE?

5. Ports 137/udp and 138/udp are in use but no process can be found

6. Q: How to force an X window to stay open ?

7. UDP/TCP ports -> protocol port

8. IP forwarding is just too good

9. Huge UDP traffic from port 1058 to port 3000, what is it?

10. Hacked? TCP port 12345 and UDP port 2364

11. What are these UDP packets from port 3130 to port 7?

12. Matrox Mystique ands X.

13. How to receive UDP and ICMP packet using one UDP socket, (Path MTUD)