Do any of you see alot of service sweeps on your network? I get hundreds of these a day. Usually ports 137 and 1434. I would think our ISP would block this but then again it's probably better that they don't filter.
A Google search for "port 137" and "port 1434" should turn up a lot of information.
It is quite normal to see a lot of those. I believe a lot of web sites will throw back packets to port 137 to try to identify your server for their log files, if you visit a site there. It's also used by hackers to find vulnerable computers. Right now, there is apparently a major hacker project in the works, so you may see a higher than normal volume of packets like this.
For a business class connection, the ISP should not drop any packets without your permission (they can't be sure which ones you might have a good reason to use). That's why firewalls are so useful -- they allow you nearly complete control over what packets are allowed through to your server.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
