MAX port sweeping

yenknip · ‎05-28-2008

Our firewall has detected a large number of tcp portsweeps from computers running rigs and we are attempting to determine what is causing them. They are being picked up because they show similar properties to trojans trying to get out and sniff the network

I am posting here, because a few of the machines have only NI software on, and we were wondering if it could be caused by MAX attempting to detect devices on the network?

_____________________________
- Cheers, Ed

waldemar.hersacher · ‎05-28-2008

Here are two documents desribing which ports are used by NI software

http://digital.ni.com/public.nsf/allkb/CEF5A3568A5DA71D8625732800520EA1

http://digital.ni.com/public.nsf/allkb/FE6A63983AC8289E86256B22005A067A

Waldemar

Using 7.1.1, 8.5.1, 8.6.1, 2009 on XP and RT
Don't forget to give Kudos to good answers and/or questions

yenknip · ‎05-29-2008

A follow-up:

The boys in IT have determined that it was Automatic Windows Update causing lots of request denials on the firewall. It turns out that automatic updates doesn't always check the microsoft site, often it is 3rd party sites.

So in short - Yay Microsoft 😄

_____________________________
- Cheers, Ed

altenbach · ‎05-29-2008

yenknip wrote:
It turns out that automatic updates doesn't always check the microsoft site, often it is 3rd party sites.

You probably don't want the entire world to update from a server in Redmond, WA. 🙂

I believe they are using akamai as a distributed content delivery system. These are perfectly safe.

LabVIEW Champion.

LabVIEW

MAX port sweeping

MAX port sweeping

Re: MAX port sweeping

Re: MAX port sweeping

Re: MAX port sweeping