Does anyone know why Sygate listens on my port 1027 UDP? I asked this in the Sygate forum and got nowhere. And the part that bothered me is that Sygate let's random packets to port 1027 UDP IN. Why? What the heck is it listeing for anyway? I'm pretty sure it's got nothing to do with it's version checking or IDS updates. Anyone know on this?
Kerodo wrote in news:MPG.1ce84c66e513134d989680 @news.west.cox.net:
Duane :)
Duane Arnold wrote in news:Xns9651F979F034notmenotmecom@204.127.199.17:
What the hell does Exosee have to do with Sygate Personal Firewall?
elaich wrote in news: snipped-for-privacy@individual.net:
I believe the OP was asking about a port. Now what the HELL a PFW solution may have to do with the port is another story and I don't care. I only told OP about the port.
Duane :)
Mines listening on port 1026 UDP, local IP 0.0.0.0. How else is it going to act as a firewall if it isn't listening? I used a port monitor to check. It's not connecting remotely to anything on my PC.
You have not blocked them out. You need a couple of Advanced Rules.
Casey
Thanks (to all) for posting. Yep, mines listening on 1027 too. Although this has nothing whatsoever to do with the proper functioning of the firewall. I can create rules to block it, no problem. Just wondered if anyone knew specifically why Sygate does that.
Thanks...
Well, I look at my port monitor again and I see 3 that say system listening on UDP and 2 that say listing on TCP, and then there is svchost.exe listening on TCP and alg.exe listening on TCP, plus smc.exe (Sygate) listening on UDP, the only one connected remotely is agent.exe (news reader). What are they all listening for? Haven't a clue. :-)
I don't know either, but I see no reason why Sygate needs to listen for anything.. Oh well.. :)
Ok, I just did some snooping around about the ports and the services that were mentioned ;)
I am not sure about the system process that are listening to/for udp communication...
However, about the Sygate smc.exe listening to port 1027 - this is for
2 reasons: 1st- smc.exe is a part of the Sygate Secure Enterprise, more specifically the firewall product. This piece of software blocks attacks from Internet-bound viruses and hackers. This program is important for the stable and secure running of your computer and should not be terminated. (quoted from:2nd - Microsoft operating systems tend to allocate one or more unsuspected, publicly exposed services (probably DCOM, but who knows) among the first handful of ports immediately above the end of the service port range (1024+). (and) The most distressing aspect of this, is that these service ports are wide open to the external Internet. If Microsoft wants to allow DCOM services and clients operating within a single machine to inter-operate, that's fine. But in that case the DCOM service ports should be "locally bound" so that they are not wide open and flapping in the Internet breeze. (from:
Sooo....on Port 1027 having a tool from the firewall snooping/sniffing about is not a terrible thing to have.
Search on Google for the other services and ports and it will give ya Tons of info!
~Demon
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.