Windows XP/Server 2003 may be listening on UDP Port 53


Windows XP and/or Windows Server 2003 may be unexpectedly listening on UDP port 53, and may even be responding to DNS queries.

netstat -aon | find ":53 "


UDP *:* 1234

Here 1234 is the process ID of the svchost instance that hosts the SharedAccess service.
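The PID-to-service mapping above can be confirmed from the same cmd prompt. The script below is an added example, not part of the original article; it assumes tasklist.exe and sc.exe are available on the machine and that netstat prints UDP rows in the usual four columns (protocol, local address, foreign address, PID).

```batch
@echo off
rem Added example: find the process listening on UDP port 53 and check
rem whether that process hosts the SharedAccess service.
rem Assumes tasklist.exe and sc.exe are present on this machine.
setlocal
set FOUND=0

rem The trailing space in ":53 " keeps ports such as 5353 from matching.
rem UDP rows have four columns: Proto, Local Address, Foreign Address, PID.
for /f "tokens=1,2,3,4" %%a in ('netstat -aon ^| find ":53 "') do (
    if /i "%%a"=="UDP" (
        set FOUND=1
        echo UDP listener on %%b owned by PID %%d
        rem List every service hosted inside that process.
        tasklist /svc /fi "PID eq %%d"
        rem Flag the PID if SharedAccess is one of the hosted services.
        tasklist /svc /fi "PID eq %%d" | find /i "SharedAccess" >nul
        if not errorlevel 1 echo PID %%d hosts the SharedAccess service.
    )
)

if "%FOUND%"=="0" echo No UDP listener on port 53 was found.

rem Show the current state of the SharedAccess service itself.
sc query SharedAccess
endlocal
```

Save it as a .cmd file before running it; typed directly at the prompt, the loop variables would need a single % instead of %%.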


Internet Connection Sharing (ICS) is enabled on the machine, so it acts as a DNS proxy on the internal (non-public) interface.


If the network card that ICS was enabled on still exists in Control Panel/Network Connections, you can simply right-click the network interface, select Properties, and then click the Advanced tab. Uncheck "Allow other network users to connect through this computer's Internet connection".

If the network adapter is no longer present in the system, you can do the following:

1) Take a system state backup of the machine

2) From a cmd prompt run: "Netsh firewall show config verbose=enable > fw.txt & fw.txt" (without the quotes) in order to get a listing of the current firewall configuration and rules.

3) From the cmd prompt run: "netsh firewall reset" (without the quotes). This will reset the machine's firewall settings (including ICS) back to default. By default, ICS is not enabled.

4) If needed, use the fw.txt file created above to re-add any customized firewall settings.

More Information
netsh firewall show config verbose=enable
in Appendix E shows an example of doing firewall rules in an unattend.txt file

