# UDP flood from port 4017



## Basspick3r (Mar 30, 2008)

Hello, I've got a concern with something I'm uncertain about. I received a security alert from my firewall device saying that a UDP flood originated from my LAN IP address via port 4017. On my desktop, I looked in McAfee firewall to see which programs were listening and I found that the Generic Host Process for Win32 Services was listening on port 4017. I'm just curious as to what could be causing this problem and if the Generic Host program could be what caused the UDP flood.

This was the alert:

2008-03-29 23:06:27 - UDP Flood - Source:local IP address,4017,LAN - 
Destination:208.67.222.222,53,WAN

Thanks for the help.


----------



## johnwill (Sep 26, 2002)

Hard to say, have you checked for spyware/malware?


----------



## Basspick3r (Mar 30, 2008)

johnwill said:


> Hard to say, have you checked for spyware/malware?


I did a scan with Spybot, but it didn't find anything. I'm thinking a boot-time scan with Avast is next, but I'll also scan with MS Defender and Ad-Aware just to double up.


----------



## johnwill (Sep 26, 2002)

Please follow the instructions *here* (5 pages) and then post all the requested logs in a new thread *here* for the security analysts to look at. If you have any trouble running any of the scans, leave them and move onto the next.

The security forum is always busy, so please be patient and you will receive a reply as soon as possible. If you go to Thread Tools > Subscribe at the top of your new thread you will receive an email as soon as a reply is posted.


----------

