501929 - UDP Port Attacts

Status: RESOLVED INVALID

(Firefox :: General, defect)

Description

[Scott Litchman]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4

I use the Comodo Firewall Pro, Since I startet checking my firewall this morning 
Some sever attacks came up. They averaged every 20 min. The IP address is,
192.168.1.254.They are UDP Port Attacks I do not know if that will be helpful. But I uninstalled the Firefox 3.5. Reinstalled the next earlier version. Then the attacks stopped. I am not totally sure if the attacker just gave up. Or there is a hole some where in the Firefox 3.5. I hope this is helpful. I am not really a TECH. So good luck

Reproducible: Didn't try

Comment 1

[Brandon Sterne (:bsterne)]

192.168.1.254 is an IP address on your internal private network.  This is not a Firefox bug.

Comment 2

[Daniel Veditz [:dveditz]]

192.168.1.254 might be the localhost IP address... is that the sending or target address?

Why is your version of Firefox stuck at 3.0.4? Did you turn off security updates? That seems unlikely if you're the sort of person who knows enough to be worrying about UDP port attacks.

You're on WinXP, so maybe you're using a "limited" account. This is generally recommended but then Firefox doesn't have the privileges necessary to update (on the plus side it doesn't have the privileges to rootkit your machine, which is a good thing if you're eight months behind on security updates). You should try updating manually from a privileged account.

Back to your problem -- what kind of UDP requests? DNS requests are sent over UPD, I wonder if the Comodo Firewall is seeing the new DNS prefetching feature as an attack?