INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

UDP Hacking port 53

UDP Hacking port 53

(OP)
We have a Sonicwall TZ600 and have noticed that someone on the WAN is using port 53 UDP to access our LAN.
I have verified the we have rules built to DENY anything for IPV4 and 6 from WAN to LAN and WAN to WAN but doesn't seem to deter the problem.
I have also made sure that the Comprehensive Gateway and Security services are enabled.
Any ideas?

RE: UDP Hacking port 53

Make sure that you have the latest firmware installed. There is a new releas.
We have had on-going issues since 2015 and still have issues with this problem.
What I noticed is that in the Dadhboard you can view the logs, up, services, etc. I've noticed a lot of UNKNOWN connections which means that ssh is being used by someone to console into the Sonicwall.
Check your computers and look into the temp folders and see if logmein or logmein rescue is in the temp folder. If so, then a reverse connection is being allowed and this allows some in the wan to bypass the Sonicwall.
Even with the application control turned in under firewall the Sonicwall fails to block these connections.
Open s case with Sonicwall and let me know your findings.
I can tell you that the person(s) are relentless and very sophisticated because they continue to change their tactics.
Good luck.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close