This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Outbound Traffic on UDP 3050

Outbound Traffic on UDP 3050

Paul_M
New Contributor

‎08-14-2020 11:17 AM

HI, I am a SOC Analyst who is working with one of my clients. I was doing a port inspection, and noticed a high number of outbound requests on UDP 3050. They all seem to be about 500 bytes. No traffic is witnessed inbound. 

The client believes this traffic is coming from their wireless access point. The client states that they are running:

  • on premises Hive Manager Software Version: 8.2r2c
  • AP model AP250 running HiveOS 8.0r1.162054

The client has reported that these are older Manager and Firmware models, and plans to upgrade.

Any help in identifying this traffic and stopping it would be greatly appreciated.

Thank you.

P.S. I’m guessing the Sub-Forum. Please let me know if I need to move this post to the proper forum

0 Kudos
2 REPLIES 2

Paul_M
New Contributor

‎08-16-2020 11:05 AM

Sam, after reading this, I think you may be on to something. One thing I noticed was that there seemed to be a pattern in the IP addresses using the port. Certain ip ranges (like a .19) seemed to be present more in the findings. I’ll run this by my client with their weekly report. I’ll keep you in the loop. Thanks for the pointer.

0 Kudos

SamPirok
Community Manager Community Manager
Community Manager

‎08-14-2020 07:21 PM

Hello Paul, my first thought is IP tracking, do you know if that is enabled in your policy? This page reviews IP tracking for reference: http://docs.aerohive.com/330000/docs/help/english/ng/Content/gui/configuration/configuring-ip-tracki...

0 Kudos
GTM-P2G8KFN