A lot of unknow-udp traffic (port 123)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

A lot of unknow-udp traffic (port 123)

L4 Transporter

Hi

I observed since 04/09 a lot of traffic clasified as unknown-udp from my DMZ to Untrust. It could be missidentified because I have security rule that allow NTP.

It could be related to 429 package of Thread prevention update. Now I'm on 430-2169.

Do You have the same?

Regards

SLawek

1 accepted solution

Accepted Solutions

L4 Transporter

NTP content was modified in content 428 to counter certain apps that were using the same udp port 123 to pass traffic. The behavior has been corrected will appear as such the next release.

View solution in original post

3 REPLIES 3

L0 Member

I had some unusual behavior with DHCP using application-default for the service.   However it identified DHCP using Service Any.   You might try something like that as a test if that sounds familiar.

L4 Transporter

NTP content was modified in content 428 to counter certain apps that were using the same udp port 123 to pass traffic. The behavior has been corrected will appear as such the next release.

Thx, so I will waiting for 431 update.

  • 1 accepted solution
  • 3821 Views
  • 3 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!