Port Scan for UDP

I'm doing portscans on a system I'm working to learn more about
securing hosts and setting up iptables.  My tcp portscan reported
what I expected, only www, ssh and smtp listening.  The udp
portscan reported a huge list of 'open' ports.  I really didn't
know what to expect for this scan, so I want to know if this is
normal.  Just for grins, I removed every udp listing in
/etc/services and restarted inetd and the scan came back the
same.  I figure this is normal, but if someone can confirm this
behaviour, I'd really appreciate it.

If this isn't secure behaviour, perhaps I can add an iptables
entry like:

iptables -A INPUT -p udp -j DROP

However, I don't have any applications running using udp, so the
'open' port doesn't have anywhere to go, as far as I know. 
Again, if someone can confirm this, I'd really appreciate it.



Jeff Coppock		Nortel Networks
Systems Engineer	http://nortelnetworks.com
