Monitor a UDP port

Hi,
I could find a solution for my problem. I need to monitor a UDP port.
For the TCP ports I'm using MP template TCP Port, but for the UDP I don't find any tool.
My question is: is it possible to monitor UDP ports in SCOM 2012 R2? If yes, how?
Thank you,
Rui 

Hi Rui,
I have found a possibility to do this. Hope you understand this and it is helpful. This is a two-step process, but I guess it will definitely serve the purpose.
Scope: We will be running a tool which will monitor a port (TCP or UDP) for a specific host / IP and will throw a log file.
SCOM will monitor the log file and will throw an alert if the log file contains the string NOT LISTENING (port not working or unable to open the port), which the program will write to the log with the results.
First download the program named PortQry Command Line Port Scanner Version 2.0 from Microsoft using the link below. It is a command line tool.
http://www.microsoft.com/en-in/download/details.aspx?id=17148
Run it from a batch file or PowerShell script using Task Scheduler as per your time requirement (every 5 min or 1 hr).
Use this command to monitor an IP / hostname and its port with TCP or UDP.
I have pasted the command file of the program in the C:\Port_checker directory, so I am using the syntax below:
C:\Port_checker\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Port_checker\Result.log /y
-N = Hostname / FQDN of agent or IP address
-E = Port # what you want to monitor
-P = Protocol (TCP or UDP)
-L = Generate log on the following location and name
/Y = To replace the existing log file name to fresh one without prompt.
The result in the log file will be as follows:
============================
For successful port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
 C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
 192.168.1.2
Querying target system called:
 192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): LISTENING
========= end of log file ========= 
  PortQry developed by Tim Rains
For failure port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
 C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
 192.168.1.2
Querying target system called:
 192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): NOT LISTENING
========= end of log file ========= 
  PortQry developed by Tim Rains
Now, as per the above results, NOT LISTENING means the port is blocked or is not opened, and LISTENING means working or the port is opened.
So now, using SCOM, you will monitor the log file Result.log in the location C:\Port_checker\, saying: if NOT LISTENING comes in the log file, throw me an alert in the SCOM console or via email.
To configure that alert you need to create a Generic text log alerting Rule, which will throw an alert if anything is added in that log which is not to be added; if it is added, like NOT LISTENING, then it will throw an alert.
Refer to this link on how to open a Generic text log alerting Rule.
http://blogs.technet.com/b/kevinholman/archive/2009/06/20/using-a-generic-text-log-rule-to-monitor-an-ascii-text-file-even-when-the-file-is-a-unc-path.aspx
Gautam.75801
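
A scheduled-task wrapper for the approach in the answer above, as an added example that is not part of the original post: it runs PortQry with the same switches, classifies the result line, and appends one timestamped status line per run. Status.log, the parameter names and Get-PortQryState are assumptions; the script also treats PortQry's UDP result LISTENING or FILTERED (reported when the probe gets no reply) and a missing result line as alertable, which a match on NOT LISTENING alone would not catch.

```powershell
# Added example (not from the original post): scheduled-task wrapper around PortQry.
# Paths follow the post; Status.log and Get-PortQryState are hypothetical names.
param(
    [string]$Target    = '192.168.1.1',
    [int]$Port         = 5723,
    [ValidateSet('TCP', 'UDP')]
    [string]$Protocol  = 'UDP',
    [string]$PortQry   = 'C:\Port_checker\PortQry.exe',
    [string]$RawLog    = 'C:\Port_checker\Result.log',
    [string]$StatusLog = 'C:\Port_checker\Status.log'
)

function Get-PortQryState {
    param([string[]]$Lines, [string]$Protocol, [int]$Port)

    # Result line format, as in the logs above:
    #   UDP port 5723 (unknown service): NOT LISTENING
    $pattern = '^\s*{0} port {1} \(.*\):\s*(?<state>.+?)\s*$' -f $Protocol, $Port
    foreach ($line in $Lines) {
        if ($line -match $pattern) {
            # Exact (case-insensitive) comparison, so NOT LISTENING can never
            # be mistaken for LISTENING.
            switch ($Matches['state']) {
                'LISTENING'             { return 'LISTENING' }
                'NOT LISTENING'         { return 'NOT LISTENING' }
                'FILTERED'              { return 'FILTERED' }
                'LISTENING or FILTERED' { return 'FILTERED' }
                default                 { return 'UNKNOWN' }
            }
        }
    }
    # No result line at all: name resolution failed, tool did not run, log missing.
    return 'NO RESULT'
}

if (Test-Path -Path $PortQry) {
    # Remove the previous raw log so a failed run cannot be read as a fresh result.
    Remove-Item -Path $RawLog -ErrorAction SilentlyContinue
    # Same switches as the command in the post.
    & $PortQry -N $Target -e $Port -p $Protocol -l $RawLog /y | Out-Null
    $lines = @(Get-Content -Path $RawLog -ErrorAction SilentlyContinue)
    $live  = $true
} else {
    # Constructed sample so the parsing can be tried without PortQry installed.
    $lines = @(
        'querying...',
        'UDP port 5723 (unknown service): LISTENING or FILTERED',
        '========= end of log file ========='
    )
    $live = $false
}

$state = Get-PortQryState -Lines $lines -Protocol $Protocol -Port $Port
$stamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
$entry = '{0} {1} {2}/{3} {4}' -f $stamp, $Target, $Protocol, $Port, $state

# Append one line per run; the SCOM text log rule can then match on
# NOT LISTENING, FILTERED or NO RESULT in Status.log.
if ($live) { Add-Content -Path $StatusLog -Value $entry }
$entry
```

Whether FILTERED should page anyone depends on the service: many UDP services never answer an empty probe, so decide per port which states the rule alerts on.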

Similar Messages

  • Anybody know what tcp or udp port # is used by Server Monitor?

    Hi everyone. I've been lookin' all over ****'s half-acre to find out what port # is required for Server Monitor with no luck. Sure, I can access the local IP address on the LAN, but for LOM to be truly useful...I need to access from WAN. Since my public IP takes me direct to the server itself (and other ports on that ip do other things), I really need to know what port # is used to forward Server Monitor traffic. Anyone?
    Thanks!
    Ed

    Ed LaComb-
    I do have this link to well known TCP and UDP ports used by Apple software products.
    I am fairly certain the answer lies within.
    Luck-
    -DaddyPaycheck

  • UDP PORT 445 Not listed in System Process

    Hi! Can you help me? I need the UDP PORT 445 listed on SYSTEM Process. 
    I open UDP PORT 445 on Firewall (WSBS 2011), but in Syshelp (Symantec validation tool) the result is:
    Title: One or more network services, ports, protocols or associated processes may need attention
    Product: Backup Exec Server
    Status: Warning
    Details:
    Warning SYSTEM's UDP port 445 is not open or listening.
    Warning Port is not open or listening.
    UDP Process: System
    Ok SYSTEM is the correct process for UDP port 137
    Ok Port 137 with protocol UDP is open on the following IP addresses: - 25.54.28.213
    - 169.254.41.25
    - 169.254.244.222
    - 192.168.0.6
    - 192.168.1.2
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: netbios-ns Port: 137 Protocol: UDP Process: System
    Ok SYSTEM is the correct process for UDP port 138
    Ok Port 138 with protocol UDP is open on the following IP addresses: - 25.54.28.213
    - 169.254.41.25
    - 169.254.244.222
    - 192.168.0.6
    - 192.168.1.2
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: netbios-dgm Port: 138 Protocol: UDP Process: System
    Ok SYSTEM is the correct process for TCP port 445
    Ok Port 445 with protocol TCP is open on the following IP addresses: - 0.0.0.0
    Ok Process System has port 445 with protocol TCP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: microsoft-ds Port: 445 Protocol: TCP Process: System

    Hi,
    "I need the UDP PORT 445 listed on SYSTEM Process."
    "Warning SYSTEM's UDP port 445 is not open or listening."
    Based on your description, I'm a little confused by this issue. Please run the following commands with administrator permission and monitor the result. Would you please check and confirm whether any process is listening on UDP port 445?
    netstat -ab
    netstat -a | find /i "445"
    In addition, I noticed that you use Syshelp (Symantec validation tool) to check. I suggest that you post the warning message in the Symantec Forum and confirm this issue. I believe we will get better assistance there.
    If I have misunderstood anything, please don't hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Operations Manager 2012 isn't listening on SNMP Trap UDP port 162

    Hi,
    SCOM 2012 SP1: how come Operations Manager has started but the SNMP Trap UDP port 162 is not listening?
    Without this port listening, I can't test SNMP traps on SCOM.
    Thanks...KEN

    Hi,
    As described in the following blog, the TRAP service should be installed but turned off, we could not get traps coming in until we turned the service back on.
    So please verify if the service is on. You can continue to audit the ports by running netstat -a.
    System Center 2012 Notes From the Field
    http://scom-2012.blogspot.in/2012/07/setting-up-snmp-monitoring-in-scom-2012.html
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    Hope this helps.

  • How can we find out which application is running UDP port 69?

    Whenever I run Cisco Network Assistant on my Windows 7 computer, I receive "The embedded TFTP server cannot start".
    netstat -an|more shows "udp 0 0 0.0.0.0:69 ...". How can we find out which application is running UDP port 69?
    Bob Lin, MCSE & CNE Networking, Internet, Routing, VPN Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com

    These ones may help.
    Have you ever wanted to see which Windows process sends a certain packet out to network?
    Process Monitor v3.1
    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  • My Network of Macs keep broadcasting to udp port 8612 every few seconds

    This problem was answered nicely by "Hunter3740" and Apple archived it... It is still valid/needed for Mountain Lion!
    https://discussions.apple.com/thread/2464784?start=0&tstart=0
    Here is how to stop your Mac from broadcasting to udp port 8612 every few seconds without using a Terminal window:
    Under Utilities (in Application Folder) launch the Activity Monitor, then show "All Processes" and find the one named "CIJScannerRegister.app" and hit the Stop Sign (Quit Process).
    Then follow this: Macintosh HD--->Library-->Image Capture--->Support--->LegacyDeviceDiscoveryHelpers---->then throw "CIJScannerRegister.app" in the trash and empty it.
    Bingo...the broadcast stops.
    Apple:  Can you fix this turd with a system update?

    Is there a chance that someone has installed some kind of
    software on the computer that is trying to "call home?"
    The app known as Little Snitch can tell what may be in there
    and if it is responsible for these odd network calls out.
    How is the port security set up in the Mac? And why would
    those ports need to be open unless there was a real purpose?
    With my Macs, all of the ports in Firewall are closed to access
    except for the Network Time Server to keep the clock correct.
    {Some are used to share files between computers, & to chat; etc.}
    Do you have more than two user accounts in the computer, and
    if so, is your Admin account only used to update and maintain
    the OS X & to install apps for other users? The levels of security
    in Mac OS X can be controlled; and such odd port calls if or when
    there is no need, are signs that something is not quite right.
    Have you looked into the Console utility to see what is causing the
    hang at those time intervals you know this has happened? There
    are several different logs and reports in there; some won't apply.
    Do the children who use the computer, have access to or know the
    Admin account's password? A second user, from their account, can
    install software and do other things, if that password is available.
    I noticed you had a similar post last month that appeared to go without
    a reply; now it is locked and can't be replied to anyway. So this issue
    has been going on for some time. What may have happened in the past
    year or so, to start this issue in that computer? Something, for certain.
    Good luck & happy computing!

  • UDP port 161 on IPCC/ICM servers

    I am trying to setup Solarwinds monitoring via SNMP on our IPCC/ICM servers.  The servers are AW, PGs and Router/Loggers. 
    Do the IPCC/ICM applications use UDP port 161?  I cannot start the SNMP service on the servers due to UDP port 161 is already being used. 
    According to Windows task manager, the port is used by PID snmpdm.exe.
    Any info or comment is appreciated.  Thanks.

    Yes it's not the same. Why, I do not know.
    On ICM Windows boxes you use the MMC snapin, but on CVP you use the Ops Console which writes into cfg files and pushes them to the box.
    At the end of the day the basics of community name, access list, trap destination are known by the agent on the ICM or CVP server.
    Regards,
    Geoff

  • DMVPN-Why received packet doesn't use UDP port 4500 but 500?

    Hello everyone
    I got a problem with my DMVPN. The spoke is behind a NAT device. x.x.x.x is a public IP address which the hub uses. I don't know why it discovered that the hub is also inside a NAT device. And after it sends a packet using port 4500, the received packet from the hub was not using port 4500 but 500. I'm confused now. Any advice would be much appreciated.
    *Sep 10 08:56:02 UTC: ISAKMP:(0): beginning Main Mode exchange
    *Sep 10 08:56:02 UTC: ISAKMP:(0): sending packet to x.x.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP (0): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_NO_STATE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM1  New State = IKE_I_MM2 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing SA payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
    *Sep 10 08:56:02 UTC: ISAKMP (0): vendor ID is NAT-T RFC 3947
    *Sep 10 08:56:02 UTC: ISAKMP:(0):found peer pre-shared key matching 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): local preshared key found
    *Sep 10 08:56:02 UTC: ISAKMP : Scanning profiles for xauth ...
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy
    *Sep 10 08:56:02 UTC: ISAKMP:      encryption 3DES-CBC
    *Sep 10 08:56:02 UTC: ISAKMP:      hash MD5
    *Sep 10 08:56:02 UTC: ISAKMP:      default group 1
    *Sep 10 08:56:02 UTC: ISAKMP:      auth pre-share
    *Sep 10 08:56:02 UTC: ISAKMP:      life type in seconds
    *Sep 10 08:56:02 UTC: ISAKMP:      life duration (VPI) of  0x0 0x1 0x51 0x80 
    *Sep 10 08:56:02 UTC: ISAKMP:(0):atts are acceptable. Next payload is 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Acceptable atts:actual life: 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Acceptable atts:life: 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Fill atts in sa vpi_length:4
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Fill atts in sa life_in_seconds:86400
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Returning Actual lifetime: 86400
    *Sep 10 08:56:02 UTC: ISAKMP:(0)::Started lifetime timer: 86400.
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
    *Sep 10 08:56:02 UTC: ISAKMP (0): vendor ID is NAT-T RFC 3947
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM2  New State = IKE_I_MM2 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): sending packet to x.x.x.x my_port 500 peer_port 500 (I) MM_SA_SETUP
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM2  New State = IKE_I_MM3 
    *Sep 10 08:56:02 UTC: ISAKMP (0): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_SA_SETUP
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM3  New State = IKE_I_MM4 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing KE payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing NONCE payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):found peer pre-shared key matching x.x.x.x
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): vendor ID is Unity
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): vendor ID is DPD
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): speaking to another IOS box!
    *Sep 10 08:56:02 UTC: ISAKMP:received payload type 20
    *Sep 10 08:56:02 UTC: ISAKMP (2746): NAT found, both nodes inside NAT
    *Sep 10 08:56:02 UTC: ISAKMP:received payload type 20
    *Sep 10 08:56:02 UTC: ISAKMP (2746): My hash no match -  this node inside NAT
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Old State = IKE_I_MM4  New State = IKE_I_MM4 
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Send initial contact
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
    *Sep 10 08:56:02 UTC: ISAKMP (2746): ID payload 
    next-payload : 8
    type         : 1 
    address      : 192.168.1.101 
    protocol     : 17 
    port         : 0 
    length       : 12
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Total payload length: 12
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): sending packet to x.x.x.x my_port 4500 peer_port 4500 (I) MM_KEY_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Old State = IKE_I_MM4  New State = IKE_I_MM5 
    *Sep 10 08:56:03 UTC: ISAKMP (2746): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_KEY_EXCH
    *Sep 10 08:56:03 UTC: ISAKMP:(2746): phase 1 packet is a duplicate of a previous packet.
    *Sep 10 08:56:03 UTC: ISAKMP:(2746): retransmitting due to retransmit phase 1
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): retransmitting phase 1 MM_KEY_EXCH...
    *Sep 10 08:56:04 UTC: ISAKMP (2746): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): retransmitting phase 1 MM_KEY_EXCH
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): sending packet to x.x.x.x my_port 4500 peer_port 4500 (I) MM_KEY_EXCH
    *Sep 10 08:56:04 UTC: ISAKMP:(2746):Sending an IKE IPv4 Packet.

    This could be because the port 4500 packet that is being sent is not being received by the peer side or it is ignoring that packet. 
    Since the port 500 packet that you are receiving is a duplicate of the previous packet it is definitely not a reply packet for the port 4500 packet. 
    If you can get the debugs from the other end, then you could see if the peer side is receiving the udp port 4500 packets.
    If not that then this could be a UDP port 4500 block with the ISP.

  • How to connect an external hard drive and monitor a single port Thunderbolt

    How to connect an external hard drive and monitor a single port Thunderbolt

    You connect the HDD to your Mac and then the monitor to the HDD.
    The HDD should have TWO T-Bird ports on the enclosure.
    It's called daisy chaining and up to five devices can be connected in this fashion.

  • Can the last link in a thunderbolt daisy-chain be a non-thunderbolt monitor using miniDisplay port?

    Can the last link in a thunderbolt daisy-chain be a non-thunderbolt monitor, using miniDisplay port?
    For example, Mac mini <--> external SSD <--> apple cinema display 30" (using miniDisplay port adaptor plugged into the SSD's second thunderbolt port)

    TechnoMax wrote:
    for instance STAE122 or STAE 127?
    FWIW, STAE129 is the current version TB adapter
    that is self powered and has TB daisy chain port.
    STAE122 and STAE127 are older versions and
    not the current model, though there may be stock of
    these around.  As to whether this will solve your issue,
    I don't know.
    Can I trick the Mac under Bootcamp as OS to use HDMI for the monitor? Dell officially says that the monitor can only accept 1900x1080 over HDMI, but some have fiddled with different computers with custom settings that worked with some monitors, but mostly under Linux and to Dell 2711.
    The MacMini HDMI port is hardware limited to 1980x1200.

  • TCP/UDP Ports and site used by FEP to download updates - needed to allow on perimeter firewall

    Can some one point me with information like what TCP/UDP ports are utilized by FEP and what DNS / site Name it uses to download FEP Updates. This is needed to tighten perimeter FireWall policies
    Thank you

    It should be the same as the documentation for all Software Updates:
    https://technet.microsoft.com/en-us/library/bcf8ed65-3bea-4bec-8bc5-22d9e54f5a6d#BKMK_ConfigureFirewalls
    Make sure to expand the "restrict access to specific domains" section to see the update related URLs.

  • Will an X220 drive a Dell UP2414Q 4K 3840 x 2160 Monitor via Display Port?

    I've not been able to find any information about this on the web and there is definitely some confusion about DisplayPort versions - could some one answer the question will an X220 drive a Dell UP2414Q 4K IPS Monitor at it's native resolution of 3840 x 2160 Monitor via Display Port? Would that be at 30Hz rather than 60Hz?
    Many thanks, Mark.

    The X220 will drive the Dell UP2414Q 4K resolution through Displayport. I have tested this on the Pro2840m LCD which has the same resolution. But only on 30 hz refresh rate.
    The X220 with the Series 3 Workstation Dock will drive 2 of the Pro2840m through 2 separate displayport.
    The X201 will also drive this 4K resolution, as long as the LCD's 4K can accept Displayport 1.1 standard (on the 1.2 standard, the LCD will stay blank).
    https://www.flickr.com/photos/lead_org/14671257827/in/set-72157645860787090
    the above image confirms the 4K resolution and my X220 driving that resolution @ 30 hz.
    For 60 hz refresh rate on the 4K resolution with integrated Intel GPU, you need Haswell CPU with the HD5000 graphics card, anything below that will only drive the 4K resolution at 30 Hz. 
    Regards,
    Jin Li
    May this year, be the year of 'DO'!
    I am a volunteer, and not a paid staff of Lenovo or Microsoft

  • Noticed that my MAC Mini is sending traffic to 70.38.54.77 on sequential UDP ports (port scanning?)

    Hi,
    I noticed in my home router logs that my MAC Mini "scans" UDP ports in the 33xxx range to an address 70.38.54.77 ... a quick search shows others complains but not result or explanation. I am looking to see if this is some piece of sw installed in my MAC or perhaps how to block traffic to/from that IP (or its subnet).
    See below - .149 is my MAC mini IP address at home.
    Thanks in advance.

    Is that your IP & ISP?
    NetRange:       70.38.54.64 - 70.38.54.95
    CIDR:           70.38.54.64/27
    OriginAS:      
    NetName:        IWEB-CL-T140-02SH
    To see if it's you/your provider, What's my ip...
    http://www.whatismyipaddress.com/
    Little Snitch, stops/alerts outgoing stuff...
    http://www.obdev.at/products/littlesnitch/index.html
    And will tell you what wants to use that port, then you can choose to allow or deny.

  • Identify Ports for AD - External UDP port scanner

    Greetings all,
    I am trying to figure out which UDP port is alarming on the "AD - External UDP port scanners (13005)" signature. By default, the signature is set to summarize which looks something like this "NumDestIps=100; currentTHreshold=100. protocol=1".
    From the "Protocol = 1" line I am assuming all scanning is hitting up on a single destination protocol - I need to know which protocol / port number.
    I've already attempted to turn on "log attacker, pair, and victim" packets. Verbose is not an option for this signature. I have also tried changing alert Frequency to "fire all" or just unchecking the "Summary Mode" box. None of this tells me the destination/victim port. I do see under a protocol field "ICMP" but I don't believe that pertains to the source port. Any ideas on how I might find this information?

    TCP/445 is used by Microsoft file sharing (CIFS), and by default that port is opened on all Microsoft PC basically to allow file sharing.
    If you open up DOS prompt, and type: netstat -na, you would see that your PC is by default listening on TCP/445.
    Here is more information on Microsoft-DS (TCP/445):
    http://www.linklogger.com/TCP445.htm
    http://en.wikipedia.org/wiki/Server_Message_Block
    So it really depends on your corporate security policy, whether to allow file sharing or not within the network. IPS is picking that up because it is an easier way of exploiting a PC since the port is opened by default.

  • Should I block TCP/UDP ports 135 to 139 on my router?

    For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router?  This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation?  When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth.  Ideally, they should all be Stealth.

    Have a read here: http://securityspread.com/2013/07/26/firewall/
    Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
    The specific ports you mention pose no risk to OS X as far as I am aware.
