Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Golden Eagle

You asked — “So before I bog this thing down with all those port trackers and blockers like I have (and actually need) on my Windows systems, since you have all that capability active, can you perhaps answer what may be causing the Mac to constantly attempt incrementing UDP port scans on the network in the 40,000 - 50,000 range?”

I could have the firewall log all the UDP port accesses, too..., but I don’t do that right now. But, if I were suspicious of something, I would activate it and watch the log.

I’ve had some things that have been going on for short times and I wonder and try to run it down, just to have it stop after a short while and then I don’t know what it was.

It is a complex system and many times it is communicating “with itself” and it may look like something else is going on.

The long and short of it, is that I don’t know right off the top of my head. However, if you were to go to the Apple Support Board and go to the operating system section [I just saw that you did go there...], usually some smart people hang out there and one of them may be able to answer your question.

I’m still trying to get a list of all the normally operating processes that are supposed to be running on the Mac, and that changes a lot, too..., depending on what you have installed in the way of programs. It takes a lot of work to get to know what is going on in your system. Sometimes I think it’s better to “not know” and live life easier... LOL... (but I can’t do that...).

But, you might check “Bonjour” and see how that operates... (it’s part of the system). I think I’ve got Bonjour blocked right now, through the firewall. But, I also found that some things won’t work and I sometimes have to unblock it.

Bonjour information from Apple...
http://www.apple.com/support/bonjour/

I also have noticed that in some places with public and free WiFi, my computer logs repeated accesses through certain ports, which is the Windows version of Bonjour, I think. At times, I’ve blocked those Windows port scans, too. It was “reported” as not dangerous, but I still didn’t want to be logged on their system.


52 posted on 03/07/2009 3:38:14 PM PST by Star Traveler
[ Post Reply | Private Reply | To 51 | View Replies ]

To: Star Traveler; Swordmaker

Thanks, the Bonjour traffic seems to be locked on port 5353, while these are incrementing 1 port up at at time just the way a port scanner typically operates, but not really a full port scan as it seems to be limited to the 40,000 and low 50,000 range, which is why I’ve not been too concerned yet. Little Snitch is supposed to track down this exact kind of issue, and probably will, but having to go through all the traffic and label it as either good or bad is so Windows like, and something I was hoping to avoid with this new system, at least here right off the bat. That’s one reason I’m stalling, but I’ve also seen lots of complaints that the Little Snitch uninstaller doesn’t really fully remove it, and you have to jump down the command line and manually remove some things if I decide I don’t want to keep/pay for it. No big deal but as I said this thing is running great right now and I don’t really feel like monkeying with it, at all.

But thanks again for your quick response, I pinged Swordmaker as well in case he has any ideas.


53 posted on 03/07/2009 3:52:28 PM PST by Golden Eagle (In God We Trust)
[ Post Reply | Private Reply | To 52 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson