Re: odd UDP source port 500 dst port 500 traffic

[Rick Payne <rickp () ROSSFELL CO UK>]

--On Thursday, March 22, 2001 13:41:22 -0500 fire-eyes
<sgtphou () FIRE-EYES YI ORG> wrote:

> Anyone know what this is? I wasn't able to toss a sniffer up on it.
>
>
> Mar 22 13:35:42 fire-eyes iplog[389]: UDP: dgram to
> tnt1a-111.flint.corecomm.net
>  (216.214.82.111):port 500 from x.edu (x):500
> (904 data bytes)

Its most likely ISAKMP - the IPsec key exchange protocol.

Rick