Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Closing all the UDP ports?

Status
Not open for further replies.
Sleidia

Sleidia

Technical User
May 4, 2001
1,284
FR

Hello again :)

Can someone tell me whether it is recommended or not to close all the UDP ports used by IE and Outlook??

I've tried to do so on my firewall (OutPost), but as a result, I couldn't have access any website anymore. Is that normal?

I've noticed that several of those ports get opened from time to time ( even when opening google.com )

Thanks for helping ;)

 
Sort by date Sort by votes
DNS uses UDP 53. Better not block this one!

Chris.

**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
 
Upvote 0 Downvote
Chris:
>DNS uses UDP 53. Better not block this one!

Why not?

Maybe you can help me understand something related. UDP 53 is one of two ports that GRC shows open from my home lan machines. All home lan machines report the same. LAN is on small wireless router. In this case, if it is my machine that is reporting UDP 53 open, then I don't want that. My LAN machines get url internally from the router. If the report is only telling me that the router is listening to my ISP, well hey, ain't that what it should do?

Please elaborate about port 53.

Mark

Mark
<O>
_|_
 
Upvote 0 Downvote
UDP 53 should only be open on your side if you are running a DNS server. I suspect that your router is maybe running a DNS cache server which is why a port scan shows that port open. I doubt that all your LAN PC's are running DNS!

When I said that you shouldn't block it, I meant that you shouldn't block it outbound, ie. your client need to be able to make outbound DNS requests.

Chris


**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
 
Upvote 0 Downvote
Thx for reply.

My router IS running a DNS server for the LAN. I wouldn't think it should be open to the outside past my isp. I'll have to see if I can set a filter for this - only to my ISP. This would make sense, as my router does get my lan's url from my ISP's DNS server.

My boxes are NOT running DNS servers. Well, they are Windows, so I don't THINK they are running DNS servers. I have either shut this service off or set it to not run, so as near as I can tell they aren't. But that was partly why I went to GRC.

Thanks again for the reply. That was helpful.

Mark
<O>
_|_
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jsaad
  • Locked
  • Question
udp timer
Replies
0
Views
549
jsaad
jsaad
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
747
nnaarrnn
nnaarrnn
Impersonator
  • Locked
  • Question
UDP Hacking port 53
Replies
1
Views
337
RodneyMcSnow
RodneyMcSnow
DivemasterBill
  • Locked
  • Question
Cannot connect via the SonicWall Login webpage
Replies
0
Views
279
DivemasterBill
DivemasterBill
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
277
Russtoleum
Russtoleum

Part and Inventory Search

Sponsor

Back
Top