LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page UDP port 5353
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
Page 2 of 2 1 2
  Search this Thread
Old 02-13-2008, 09:30 AM   #16
checkmate3001
Member
 
Registered: Sep 2007
Location: Folsom, California
Distribution: Ubuntu, Mint, Debian, Suse
Posts: 307

Rep: Reputation: 32

Something interesting I just found (searching through logs) is that my ISP was initiating some of these packets. I did a whois on the ip address:

Quote:
Feb 12 08:56:56 cpsinc-intranet kernel: INPUT packet died: IN=eth0 OUT= MAC=00:e0:81:81:25:54:00:15:e9:1d:98:c6:08:00 SRC=68.87.78.130 DST=192.168.0.121 LEN=82 TOS=0x00 PREC=0x00 TTL=51 ID=59695 DF PROTO=UDP SPT=53 DPT=51954 LEN=62
Feb 12 08:57:17 cpsinc-intranet kernel: INPUT packet died: IN=eth0 OUT= MAC=00:e0:81:81:25:54:00:15:e9:1d:98:c6:08:00 SRC=68.87.76.179 DST=192.168.0.121 LEN=82 TOS=0x00 PREC=0x00 TTL=57 ID=1400 DF PROTO=UDP SPT=53 DPT=34154 LEN=62
Quote:
Comcast Cable Communications, Inc. JUMPSTART-2 (NET-68-80-0-0-1)
68.80.0.0 - 68.87.255.255
Comcast Cable Communications, Inc. COMCAST-18 (NET-68-87-64-0-1)
68.87.64.0 - 68.87.127.255
Interesting... Jumpstart?

I had this same problem a while ago (but it was MUCH more persistent) when I put in a new router. There was a setting called jumpstart on the router that I turned off and it help quite a bit...
 
Old 05-05-2011, 01:01 PM   #17
lisle2011
Member
 
Registered: Mar 2011
Location: Surrey B.C. Canada (Metro Vancouver)
Distribution: Slackware 2.6.33.4-smp
Posts: 183
Blog Entries: 1

Rep: Reputation: 25
Port 5353
It took awhile to track it down but it IS a Mac (apple) server mDNSResponder and if you have installed bonjour on your system or have a Time Capsule or other Mac machine this is a very chatty service using ssdp I believe and that service is used extensively by Microsoft products. It is supposedly benign and just watching the nic card with tcpdump or Wireshark doesn't help because the VOLUME is huge. I don't want to block it because I use bonjour so my Linux box can backup to the "Time Machine" as well as XP and my macbook.

http://www.broadbandreports.com/forum/remark,15632024

has some more information, but it is obtuse and difficult to get info otherwise.
 
Old 05-05-2011, 01:26 PM   #18
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 158Reputation: 158
Bigtime necro thread. It might have been better for you to open a new thread and reference this one. It's been over 3 years since this thread was updated, until today...its a common habit here to not update threads that are that old. Just an FYI.
 
  


Reply
Page 2 of 2 1 2



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
telneting to a udp port. juanb Linux - Security 3 03-06-2013 01:30 PM
udp port 1024 frgtn Linux - Security 2 03-27-2005 07:10 AM
UDP Port 1697 RandomIZE Linux - Networking 5 03-23-2004 03:47 PM
closing port 68/udp? antik Linux - Security 1 09-26-2003 12:26 PM
How do I open up a UDP port? Dirt Linux - Networking 9 06-06-2003 05:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:26 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration