Reserved: Dissecting Internet Traffic on Port 0

Maghsoudlou, Aniss; Gasser, Oliver; Feldmann, Anja

DetailsSummary

Reserved: Dissecting Internet Traffic on Port 0

Maghsoudlou, A., Gasser, O., & Feldmann, A. (2020). Reserved: Dissecting Internet Traffic on Port 0. In Extended abstract of a poster presented at Passive and Active Measurement Conference (PAM) 2020. Retrieved from http://arxiv.org/abs/2004.03653.

Item is Released

show all hide all

Basic

show hide

Item Permalink: https://hdl.handle.net/21.11116/0000-0006-0D13-7 Version Permalink: https://hdl.handle.net/21.11116/0000-0006-0D8E-D

Genre: Conference Paper

Latex : Reserved: {D}issecting Internet Traffic on Port 0

Files

show Files

hide Files

:

arXiv:2004.03653.pdf (Preprint), 204KB

View Save

File Permalink:
https://hdl.handle.net/21.11116/0000-0006-0D15-5

Name:
arXiv:2004.03653.pdf

Description:
File downloaded from arXiv at 2020-04-09 09:55 Extended abstract of a poster presented at Passive and Active Measurement Conference (PAM) 2020

OA-Status:

Visibility:
Public

MIME-Type / Checksum:
application/pdf / [MD5]

Technical Metadata:

View

Copyright Date:
-

Copyright Info:
-

License:
http://arxiv.org/licenses/nonexclusive-distrib/1.0/

Locators

show

Creators

show

hide

Creators:
Maghsoudlou, Aniss¹, Author
Gasser, Oliver¹, Author
Feldmann, Anja¹, Author

Affiliations:
1Internet Architecture, MPI for Informatics, Max Planck Society, ou_2489697

Content

show

hide

Free keywords: Computer Science, Networking and Internet Architecture, cs.NI

Abstract: Transport protocols use port numbers to allow connection multiplexing on
Internet hosts. TCP as well as UDP, the two most widely used transport
protocols, have limitations on what constitutes a valid and invalid port
number. One example of an invalid port number for these protocols is port 0. In
this work, we present preliminary results from analyzing port 0 traffic at a
large European IXP. In one week of traffic we find 74GB port 0 traffic. The
vast majority of this traffic has both source and destination ports set to 0,
suggesting scanning or reconnaissance as its root cause. Our analysis also
shows that more than half of all port 0 traffic is targeted to just 18 ASes,
whereas more than half of all traffic is originated by about 100 ASes,
suggesting a more diverse set of source ASes.

Details

show

hide

Language(s): eng - English

Dates: Created: 2020-04-07Published Online: 2020

Publication Status: Published online

Pages: 2 p.

Publishing info: -

Table of Contents: -

Rev. Type: -

Identifiers: arXiv: 2004.03653
URI: http://arxiv.org/abs/2004.03653
BibTex Citekey: Maghsoudlou_PAM2020

Degree: -

Event

show

hide

Title: The Passive and Active Measurement Conference

Place of Event: Virtual Conference

Start-/End Date: 2020-03-30 - 2020-03-31

Legal Case

show

Project information

show

Source 1

show

hide

Title: Extended abstract of a poster presented at Passive and Active Measurement Conference (PAM) 2020

Abbreviation : PAM 2020

Source Genre: Proceedings

Creator(s):

Affiliations:

Publ. Info: -

Pages: - Volume / Issue: - Sequence Number: - Start / End Page: - Identifier: -