Adelphia Tech Support

[S0rtna]

Ok I went to tech support with this issue and they told me absolutely nothing is wrong the firewall is doing it's job but it has not done this since I got it has only started recently. So... I am getting blocked hits on a udp protocol at about a hit per second which is filling the log pretty fast you can imagine from the same destination on port 67 to port 68 destination is the sub mask 255.etc. all of it incoming any clues on what this is and if they are correct that it's nothing to be bother about? Thnks

[S0rtna]

I feel the need to clarify this I don't mean thumbs down for all tech there just that particular one cause he seemed to be avoiding the issues I presented to him like he was trying to watch a football game or something...

[cak46]

Does the firewall log give you the ip for the source and destination of the udp packets?  (If one or both are your ip don't post them), just let us know.

[bwt1953]

I get the same thing on Adelphia. When connected directly to the modem, my software firewall catches it all. The majority of the hits are coming from China and Russia, but there is a fair share from Yahoo and google. Get this just as soon as the computer boots without a browser running. I keep a router insertred all the time to block this trash. Don't have this on Skynet and never had it happen as frequently (every five seconds)  when I was on Verizon DSL.

[cak46]

bwt1953:  Do you get udp packets going to one particular port or multiple ports and multiple source ips?  I've noticed when using adelphia speedtest with firefox, the server servicing the request (after the test is done and I have closed firefox altogether)  starts sending a string of udp packets moving up sequentially numbered ports.

[peepnklown]

Port 67 TCP, UDP

Related ports 68, 69

DHCP Server, used to provide clients with network configuration information and other data.

Firewall port 67 inbound and outbound where possible. DHCP traffic should not go beyond subnets, unless a DHCP relay is in use.

[bwt1953]

bwt1953:

[S0rtna]

yea it shows an ip from port 67 to submask on port 68 udp and also showing a tcp from port 80 to port 1147 but not too concerned with that one as it's not as repetitive

[peepnklown]

If you are the only system connected to the Internet get a WIRED router. Hardware firewalls are superior.

[S0rtna]

sounds good to me

[cak46]

Yeah, I get the port 67 and 68 hits from adelphia, but like the klown says...that's normal, here's what McAfee says:

Thats odd.  I'm on Adelphia and have not seen any hits on ports 67 and 68.  I usually only get about 20-30 udp hits a day total on my "wired firewall router").  For me, I would want to know whos knocking on my back door costantly and I agree that the packets are probably not malicious. 

peepnklown:  If he has multiple machines, why not use a wired firewall with a buit in switch?

[bwt1953]

Thats odd.

[cak46]

I'm located in rural Maine. 

[peepnklown]

Wired Routers are switches with NAT (firewall)

[cak46]

There are routers with hubs built in, routers with switches built in (which you mentioned, and single port routers. A firewall router is different than a standard router in that, depending on the firewall router, it will filter proxy, cookies, java, etc as well as stateful packet inspection (which tests incoming packets for validity, so to speak).