You are not logged in.
- Topics: Active | Unanswered
#1 2011-01-18 08:40:46
- illusory
- Member
- Registered: 2011-01-12
- Posts: 15
Something to worry about or is it just router 'white noise'?
I don't think this is Arch specific, but felt the Newbie Corner would be an appropriate place to make this thread. I apologize in advance if this is a stupid question, but I seem to get a lot of blocked UDP packets from various IP's directed at port 55881 in particular. Occasionally, I'll also get attempted TCP connection requests to port 23, 445, and some ports in the 8000's. If this is something to worry about, what can I do to configure my system so that I can be at ease (or close enough)? 
Offline
#2 2011-01-18 09:04:45
- litemotiv
- Forum Fellow
- Registered: 2008-08-01
- Posts: 5,026
Re: Something to worry about or is it just router 'white noise'?
Moving this to Network & Protection just in case.
ᶘ ᵒᴥᵒᶅ
Offline
#3 2011-01-18 09:08:18
- Awebb
- Member
- Registered: 2010-05-06
- Posts: 6,311
Re: Something to worry about or is it just router 'white noise'?
Don't run servers listening on those ports, or better, don't expose any servers to the internet. Are these connection attempts logged in your router or on your computer?
Offline
#4 2011-01-18 09:18:18
- illusory
- Member
- Registered: 2011-01-12
- Posts: 15
Re: Something to worry about or is it just router 'white noise'?
My logs on my system check out well. The connection attempts I mentioned are all from my router's log. How can I check to make sure there isn't anything running listening in on those ports? What can I do to disable these services if necessary?
Offline
#5 2011-01-19 19:10:40
- Leonid.I
- Member
- From: Aethyr
- Registered: 2009-03-22
- Posts: 999
Re: Something to worry about or is it just router 'white noise'?
My logs on my system check out well. The connection attempts I mentioned are all from my router's log. How can I check to make sure there isn't anything running listening in on those ports? What can I do to disable these services if necessary?
As a device, which faces internet, I guess it's normal for the router to detect some connection attempts either by mistake, or from port scanners, kids, etc...
The services run on your machines, not on the router. The only one on the router should be either telnet or httpd for configuration. In order to protect your internal network, you only need to disable remote adminitstration on the router (or whatever it is called in your case, that is the router should be accessible for administration only from the LAN) and port forwarding (also on the router, so that requests are not forwarded to the LAN). Enjoy
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Offline