AVS Forum banner
  • Our native mobile app has a new name: Fora Communities. Learn more.

Big port attack tonight

531 Views 2 Replies 3 Participants Last post by  Shock96
I'm getting mondo hits on port 40132 from all kinds of random looking addresses. My router is eating them all so it's not a danger to me, but something wierd is going on. I looked around and I don't see any info on that port. Anyone know what they would be trying to talk to? I checked and I've got nothing listening on that port.
Not open for further replies.
1 - 3 of 3 Posts
Must be just you. The storm center levels are low.
Here is a bit of info on what you are seeing.

Port number: 40132

Common name(s): client-port on Red Hat Linux 9.0, Fedora Core 1, Red Hat Enterprise 3

Common service(s): client

Service description(s): Outgoing client connections from systems.

Common server(s): RPC based services, Windows Messaging Service.

Common client(s): All client software (SSH, Web clients, etc.)

Common problem(s): Insecure client software

Encrypted options: Not applicable

Secure options: Not applicable

Firewalling recommendations: Block inbound connections to client ports, allow outgoing connections and returning packets (keep state)

Attack detection: As a general rule data coming in to client ports that is not part of an established connection is likely an attack. Exceptions exist of course, such as FTP, various instant messenger protocols, file sharing protocols, IRC's DCC, and so on.

Might be general TCP traffic, but not likely. Someone is probably scanning your IP range.

Other relate ports : 32768

Other notes: Port 32768 is the first port used by the operating system for outbound connections, thus it is likely you will see outbound connections from port 32768 and up. If you run netstat on Red Hat Linux or UNIX you will see something like:

[[email protected] web]# netstat -vatn

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0* LISTEN



See less See more
1 - 3 of 3 Posts
Not open for further replies.