Weird hits on port 2703

security firewall port internet-security

Short answer:

It's very unlikely that this poses a threat to your machine.

Long answer:

Unless you have a program running on your machine that is receiving the packets [typically called a daemon], the system won't be affected. It might be a good idea to do a UDP port scan with a program like Nmap to figure out whether that port is open.

Since this is UDP [known colloquially as the "Unimportant Data Protocol"], which requires that the program on the receiving end initiate an outgoing connection in order for the sender to have ANY idea if it's getting through, this probably isn't a probe attempt. Most network scanners use TCP SYN packets to scan if a port is open or not. Chances are that this is just a matter of 91.143.232.133 just sending its packets to the wrong host. Maybe the remote host is just spewing out UDP packets to port 2703 of every host the Internet.

If you're really concerned, you can set your firewall to block all packets from that host, or close the port off completely if you're not using it.

I used to get really concerned when I'd get log messages saying that unsolicited packets were arriving on closed ports, but it never amounted to anything. Now I don't even look at the messages.


Your firewall software is scaring you unnecessarily. First: "stealth mode" isn't stealthy at all. It just means that your machine hasn't sent an ICMP /IP"port unreachable" response to the incoming datagrams. Second: UDP/IP is connectionless, unlike TCP/IP, so there has been no "connection attempt" at all.

UDP/IP port 2703 is used by Microsoft System Management Server for its "remote chat" function. Someone on that IP address is using SMS to try to perform a Remote Chat with you, or whoever used your IP address before you. This could be benign, someone who doesn't know that whoever had your IP address before is no longer using that address, or it could be malicious, someone looking to see whether you have the SMS Client installed insecurely so that xe can try to use its remote control functions to take over your machine.

But since your firewall is simply dropping the inbound UDP/IP traffic on the floor, without even sending an ICMP/IP response, in either case there's no cause for action on your part.

Related

Automatically download files in Internet Explorer without getting prompted to Save / Cancel?
How can I obtain a one-to-many rows table by merging duplicated cells in a large normalized table?
Increasing the sound volume in Windows Vista
Can I write Japanese on my trackpad?
how to run a command with admin priviledges when I don't have admin account on my Win7 computer
What are the net consequences of core parking?
How do I use a custom keyboard layout created with Microsoft Keyboard Layout Creator in Windows 8?
Internet Explorer 10 doesn't seem to work with Sysinternals Desktops
Remotely push DNS server to client via OpenVPN
Can't boot OS from USB drive, showing black screen with blinking cursor
How to physically damage a USB stick, SD card, or SDXC card to permanently make it read only? [duplicate]
How to stop my email messages being marked as read when a POP client downloads them?