BOINC activity on port 2968


Advanced search

Message boards : Questions and problems : BOINC activity on port 2968
Message board moderation

To post messages, you must log in.

AuthorMessage
Marc Lewis

Send message
Joined: 5 Nov 15
Posts: 1
United States
Message 65282 - Posted: 5 Nov 2015, 22:08:43 UTC
Last modified: 5 Nov 2015, 22:09:54 UTC

Two of my BOINC machines are running on a corporate domain, but are personal machines. There has been a recent security audit that has pointed to both of my machines having port 2968 (protocol ENPP, also used by Symantec on Novell systems AS WELL AS trojans.

One of the machines runs XP, SP3 (no alternative due to specific testing software that cannot run on W7 or higher.) It has a third party (Avast) firewall; I blocked port 2968 both TCP and UDP and both In and Out. BOINC promptly stopped working, unable to communicate with the servers.

The other machine is running Windows 7 Enterprise; its internal firewall has been configured to block port 2968, again in both directions, but BOINC seems unaffected on that machine.

According to BOINC documentation, all communication is supposed to take place on port 80. What is happening on port 2968 that would make the BOINC client stop working on XP, yet not on Windows 7?

Your insight will be much appreciated.

Kind regards,
Marc
ID: 65282 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15484
Netherlands
Message 65291 - Posted: 6 Nov 2015, 16:45:50 UTC - in response to Message 65282.  
Last modified: 6 Nov 2015, 16:46:48 UTC

The normal communication ports for BOINC are TCP 80 and 443.
It's possible to add a different communications port through a proxy. This is normally used to circumvent a company firewall.

Separately from these, BOINC uses TCP port 31416 to communicate between its parts.
It's possible to change this port number by starting the client (boinc.exe) with the --gui_rpc_port <port> attribute, where <port> is a value between 1 and 53640.

Unless the BOINC wasn't from Berkeley, but a third party supplied version that had the ports differently compiled etc. I don't see why BOINC itself uses TCP 2698.

Are you sure it was BOINC itself using this port for the internet, not for internal communication between parts, and not that a project's application or VirtualBox was using this? Which projects do you run on the XP box? Which BOINC versions do you run?
ID: 65291 · Report as offensive
Lew

Send message
Joined: 2 Jan 16
Posts: 1
United States
Message 66587 - Posted: 2 Jan 2016, 18:34:41 UTC - in response to Message 65282.  

On my Windows system, port 2968 is open for the Epson EEventManager service for my Epson multi-function printer/scanner/fax. According to this (http://www.epson.com/cgi-bin/Store/support/supDetail.jsp?infoType=FAQ&oid=199903&foid=207564) the EEventManager is required for proper functioning of scanning, etc. It is only visible from the local network; my firewall blocks it for internet traffic.
ID: 66587 · Report as offensive

Message boards : Questions and problems : BOINC activity on port 2968

Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.