Results 1 to 7 of 7

Thread: Port 0?

  1. #1
    Join Date
    Jun 2003
    Location
    California
    Posts
    51

    Port 0?

    I was wondering if anyone knew of something that exploits port 0 of a machine or firewall.

    My server was attacked yesterday and at first it denied the port 0 probes/attacks but after a while it suddenly started allowing them, which I think is just bizzare.

    Any information would be appreciated. Thanks!

  2. #2
    Join Date
    Jun 2003
    Posts
    673
    I don't know of any services that use TCP or UDP port 0, and RFC 943 says that port 0 is reserved (and can't be used for anything). There should be nothing there to exploit.

  3. #3
    Join Date
    Jun 2003
    Posts
    673
    See also this page.

  4. #4
    Join Date
    Jun 2003
    Location
    California
    Posts
    51
    I was aware that it is suppose to be reserved which confuses me. The source port and destination port is 0. So something strange is going on.

    I read something about P2P software using that port. There aren't any of those on this server though. I also want to point out that its a firewall that is being attacked (a fairly expensive one too!).

    Now from that link it said that in unix you could specify 0 and it would find the next available port. I'm not sure if this firewall would react the same way, but maybe it started accepted the probes/attacks because it was going up to port 80...

    still confusing.

  5. #5
    Join Date
    Jun 2003
    Location
    California
    Posts
    51
    I was aware that it is suppose to be reserved which confuses me. The source port and destination port is 0. So something strange is going on.

    I read something about P2P software using that port. There aren't any of those on this server though. I also want to point out that its a firewall that is being attacked (a fairly expensive one too!).

    Now from that link it said that in unix you could specify 0 and it would find the next available port. I'm not sure if this firewall would react the same way, but maybe it started accepted the probes/attacks because it was going up to port 80...

    still confusing.

  6. #6
    Join Date
    Jun 2003
    Posts
    673
    No, the procedure that the article mentions is unrelated. It's only used when you're writing a program that needs to bind to an unprivileged port (for an outgoing connection).

  7. #7
    Join Date
    Aug 2003
    Location
    Sweden
    Posts
    26

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •