I have a firewall, but the scan shows my UDP ports are open. Why? Port Scanning FAQ

			Search:
	login · register

	Search for: in all FAQs
All FAQs » Port Scanning FAQ » 3.0 Results » 224


I have a firewall, but the scan shows my UDP ports are open. Why? (#224)
When a probe (scan) is sent to a UDP port there a twop possible responses, "open" and "closed". Normally, a closed UDP port responds to an incoming packet by returning an "ICMP unreachable" message. Many port scanners depend on this message to list the port as "closed". Some firewall programs "absorb" the UPD packet before it ever reaches the UPD port and an "ICMP unreachable" message is not sent. In a case like this the scanner is fooled and thinks the port is "open", when it actually may be closed. One way to tell if your firewall is exhibiting this behavior is to scan a large number of your UDP ports. Since it's impossible for your system to have several thousand ports open at once, if a UDP scan tells you they are, chances are it's your firewall doing its job. show feedback form


Friday, 04-Jul 16:21:06	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact 8th year online! © 1999-2008 dslreports.com.