tcpdump for Symantec AV udp port 2967

Description

10:36:33.589037 IP 128.11.120.78.47010 > acslondc1.acslon.com.2967: UDP,
length: 0
0x0000: 4500 001c 4bd1 0000 3011 996c 800b 784e E...K...0..l..xN
0x0010: ac1c 011e b7a2 0b97 0008 9710 ............
10:36:34.589660 IP 128.11.120.78.47011 > acslondc1.acslon.com.2967: UDP,
length: 0
0x0000: 4500 001c 5711 0000 2e11 902c 800b 784e E...W......,..xN
0x0010: ac1c 011e b7a3 0b97 0008 970f ............

Environment

Operating System: Linux Platform: PC

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Ronny Trommer July 9, 2015 at 7:01 PM

Reopen this issue if this use case still exist after 10 years.

Mike Huot May 18, 2005 at 10:11 AM

I figured out why the tcpdump does not show any response. nmap uses the lack of
an ICMP unreachable for a port as saying the port is open. Not sure how we
would work with this. Java does not handle ICMP. We would need some sort of
API to interact with the AV agent at the UDP level completely.

Mike Huot May 17, 2005 at 9:55 AM

Bill wants a poller for this UDP application.

Won't Fix

Details
Assignee
Mike Huot
Reporter
Bill Berry
Components
Affects versions
1.2.2
Priority
Minor

PagerDuty

Created May 17, 2005 at 9:46 AM

Updated August 6, 2015 at 4:06 PM

Resolved July 9, 2015 at 7:01 PM

tcpdump for Symantec AV udp port 2967

Description

Environment

Acceptance / Success Criteria

Lucidchart Diagrams

Activity

Ronny Trommer July 9, 2015 at 7:01 PM

Mike Huot May 18, 2005 at 10:11 AM

Mike Huot May 17, 2005 at 9:55 AM

DetailsAssigneeMike HuotMike HuotReporterBill BerryBill BerryComponentsAffects versions1.2.2PriorityMinor

Details

Assignee

Reporter

Components

Affects versions

Priority

PagerDutyPagerDuty Incident

PagerDuty

Details
Assignee
Mike Huot
Reporter
Bill Berry
Components
Affects versions
1.2.2
Priority
Minor

PagerDuty