udp connection dangerous?

Discussion in 'other firewalls' started by JayTee, Feb 3, 2005.

Thread Status:
Not open for further replies.
  1. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Hi,

    I have a few questions:

    i) I have BlackIce Firewall installed and was wondering whether a UDP connection (local port:1189) out to a remote destination (remote port:137) dangerous.

    BlackIce is listening port 137.

    ii) Because UDP is connectionless, is it as dangerous or more dangerous than TCP on a connection out?

    Thanks in Advance.
     
  2. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    If you have already hardening Windows (by disabling some services and closing criticals ports) and if your firewall is well configured, your system has to appear stealth.

    UDP is a less secure protocol than TCP because he has a "blind functioning".
    When UDP transports/forwards IP, there's no acknowledge receipt of datas .

    Threfore,UDP is less codified than TCP.
    That's why there's many attacks with this protocol (like UDP 0).

    Regards
     
  3. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    What was the remote IP/address? Did it match one in your BI logs for a blocked connection attempt/alert?

    Regards,

    CrazyM
     
  4. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Thanks

    I discovered the problem. I am on a small network and somehow I enabled the option that made the computer I was running the DMZ. Another computer on the lan was downloading something. Hence, that download was going through my PC. No wonder there was a huge spike in the intrusion scans. Everyone was probing for any weakness in the firewall, even though my firewall was stealthed. Grr.
     
Loading...
Thread Status:
Not open for further replies.