RE: Locking down UDP ports

From: Ivan Hernandez Puga (ivan.hernandez@globalsis.com.ar)
Date: 12/26/01 

Date: Wed, 26 Dec 2001 17:07:24 -0300
From: "Ivan Hernandez Puga" <ivan.hernandez@globalsis.com.ar>
To: "Martin Radvany" <radvany@texas.net>, <security-basics@securityfocus.com>

This command will give you help on what programs are running that:
lsof |grep -i UDP

try it, and if you don't have lsof (why linux distributions don't install it by default??????) try on www.rpmfind.net
thanks

Ivan Hernandez

-----Original Message-----
From: Martin Radvany [mailto:radvany@texas.net]
Sent: Sunday, December 23, 2001 11:29 PM
To: security-basics@securityfocus.com
Subject: Locking down UDP ports

I have a Linux box running Red Hat 7.0 as a firewall. I

used a scanner at www.hackerwacker.com to scan the

machine. All TCP ports were closed, as expected, but

many UDP ports were open and listed as "danger

items," ripe for hacker exploits.

I can not seem to find any information on how to

disable these ports.

Relevant Pages

  • Re: Most important UDP ports?
    ... However if you actually look for UDP services with UDP protocols your tests can fly! ... I suggest you look into Unicornscan and other tools which will test UDP ports with known UDP protocols on the standard ports where you may find them. ... This doesn't help in finding "unknown" services or those on strange ports but neither will scanning only known service ports looking for ICMP replies. ...
    (Pen-Test)
  • a UDP Exception Problem of Windows Firewall
    ... I guess there must be a kind of problem with UDP exceptions of windows ... As I know, if I register some program to exception list of firewall, all of ... But, In my test case, TCP ports used by exception program might be opened, ... while UDP ports never be opened. ...
    (microsoft.public.windowsxp.embedded)
  • Re: Allow all "high UDP" or not ?
    ... > My firewall is McAfee Desktop Firewall. ... > a so large range of UDP ports open? ...
    (comp.security.firewalls)
  • TCP/IP filter & SMTP
    ... I have enabled TCP/IP filter on all addresses on my web server. ... I've got everything working except the UDP filter. ... That doesn't seem right because I've got SMTP enabled on TCP, ... If I enable all UDP ports, ...
    (microsoft.public.inetserver.iis.security)
  • Re: TCP/IP Filtering Problem
    ... Ensure that you allow UDP 53 inbound and outbound. ... due to it being dependent on DNS. ... Also, sending mail with the SMTP server does not work, and adds ... > When I allow all UDP ports, ...
    (microsoft.public.inetserver.iis.security)