Open Tcp Port 1025 Blackjack
Posted onby admin
Open Tcp Port 1025 Blackjack Average ratng: 7,7/10 4776 votes
Is this anything to worry about?
As of now, I have 10 megs of the following logs, and still climbing.
Jun 7 22:28:21 paradox kernel: [IPTABLES DROP] : IN=eth0 OUT= MAC=00:05:5d:80:e8:92:00:04:5a:26:6d:b3:08:00 SRC=207.69.200.211 DST=192.168.1.201 LEN=195 TOS=0x00 PREC=0x00 TTL=51 ID=20057 PROTO=UDP SPT=53 DPT=1025 LEN=175
Jun 7 22:28:26 paradox kernel: [IPTABLES DROP] : IN=eth0 OUT= MAC=00:05:5d:80:e8:92:00:04:5a:26:6d:b3:08:00 SRC=207.69.200.210 DST=192.168.1.201 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=9575 PROTO=UDP SPT=53 DPT=1025 LEN=20
I have no idea of what they’re trying to do, but UDP ports 53 and 1025 (blackjack) seem to be of interest. The kicker is, these ports are not open on my router, so how are they seeping through, and why? I recently setup a caching name-server, which uses port 53, but again, I don’t have that port open on the outside.
Iptables is dropping the packets, but that because I’ve blocked their class C. My question is, are they somehow using my name server, or is this type of probe common? Should I close off these ports, and how?
Thanks,
Dave H
As of now, I have 10 megs of the following logs, and still climbing.
Jun 7 22:28:21 paradox kernel: [IPTABLES DROP] : IN=eth0 OUT= MAC=00:05:5d:80:e8:92:00:04:5a:26:6d:b3:08:00 SRC=207.69.200.211 DST=192.168.1.201 LEN=195 TOS=0x00 PREC=0x00 TTL=51 ID=20057 PROTO=UDP SPT=53 DPT=1025 LEN=175
Jun 7 22:28:26 paradox kernel: [IPTABLES DROP] : IN=eth0 OUT= MAC=00:05:5d:80:e8:92:00:04:5a:26:6d:b3:08:00 SRC=207.69.200.210 DST=192.168.1.201 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=9575 PROTO=UDP SPT=53 DPT=1025 LEN=20
I have no idea of what they’re trying to do, but UDP ports 53 and 1025 (blackjack) seem to be of interest. The kicker is, these ports are not open on my router, so how are they seeping through, and why? I recently setup a caching name-server, which uses port 53, but again, I don’t have that port open on the outside.
Iptables is dropping the packets, but that because I’ve blocked their class C. My question is, are they somehow using my name server, or is this type of probe common? Should I close off these ports, and how?
Thanks,
Dave H
TCP: 443: HTTPS: Default secure HTTP port. The port number may differ from the default port. This secure network transport must be manually configured. Although this port is not required to run Dynamics 365 for Customer Engagement, we strongly recommend it.
Open Tcp Port 1025 Blackjack Software
- Hi: Anybody knows something about the 1025 port? I make a portscan using nmap 2.53 over some servers of one of my networks and I've encountered the port 1025 UDP prot. And the name 'blackjack' returned as the name service. Thanks in advance! Here's my guess: You're using bind and you blocked UDP port 1-1024 with your firewall.
- Port Authority Database Port 1025. Name: blackjack: Purpose. If you are reading this page because our port analysis has revealed that you have open ports lying between 1024 and 1030, it would certainly be in your best interests to configure your personal firewall to block incoming connection requests (TCP SYN packets) to those low-numbered.