inbound connection rules RRS feed

  • Question

  • I have found that in my company that several servers try to authenticate back to the client as described in:



    The applications aren't exclusive to the FTP daemon, but I've also seen it with CVS. Turning off the firewall remedies the problem.


    I've tried to add an inbound connection rule that would accept a connection to port 113, and would as a result fail quickly. I've left the rule as broad as possible, but it doesn't appear to have any effect.


    I little bit of further confusion is the fact that if I enable logging on the firewall I don't see the inbound connection request. However, I do see it using the netmon3.1 beta. An example attempted connection from the server, if that helps any one:

    6 0.061003 {TCP:3, IPv4:1} TCP TCP: Flags=.S......, SrcPort=38336, DstPort=Identification Protocol(113), Len=0, Seq=1153304368, Ack=0, Win=5840 (scale factor 0) = 5840

    Any suggestions on how to proceed would be greatly appreciated.



    Saturday, June 9, 2007 2:14 AM