inbound connection rules

  • Question

  • I have found that in my company several servers try to authenticate back to the client as described in:

    http://support.microsoft.com/kb/555564

    The applications aren't exclusive to the FTP daemon, but I've also seen it with CVS. Turning off the firewall remedies the problem.

    I've tried to add an inbound connection rule that would accept a connection to port 113, and would as a result fail quickly. I've left the rule as broad as possible, but it doesn't appear to have any effect.

    A little bit of further confusion is the fact that if I enable logging on the firewall, I don't see the inbound connection request. However, I do see it using the netmon3.1 beta. An example attempted connection from the server, if that helps anyone:

    6 0.061003 {TCP:3, IPv4:1} 192.168.20.69 192.168.20.117 TCP TCP: Flags=.S......, SrcPort=38336, DstPort=Identification Protocol(113), Len=0, Seq=1153304368, Ack=0, Win=5840 (scale factor 0) = 5840

    Any suggestions on how to proceed would be greatly appreciated.

    Karl

    Saturday, June 9, 2007 2:14 AM