While reviewing firewall logs I observed unexpected outbound communication attempts on UDP 3544 from a newly deployed Windows 7 installation.
“…..dstip=“126.96.36.199” proto=“17” length=“89” tos=“0x00” prec=“0x00” ttl=“127” srcport=“64379” dstport=“3544“…..”
After quick a quick Google search it became apparent that this was related to “Teredo”
A Teredo client is an IPv6/IPv4 node that supports a Teredo tunneling interface through which packets are tunneled to other Teredo clients or nodes on the IPv6 Internet (via a Teredo relay). A Teredo client communicates with a Teredo server to obtain an address prefix from which a Teredo-based IPv6 address is configured or used to facilitate communication with other Teredo clients or hosts on the IPv6 Internet.
The Teredo relay listens on UDP port 3544 for Teredo traffic.
To disable open a command prompt and issue the following command
1. netsh interface
3. set state disabled
This will stop the outbound UDP 3544 traffic
Leave a Reply