Wednesday, April 6, 2016

Event ID 4957 Local Port resolved to an empty set

The Security Event Log records Event 4957, "Local Port resolved to an empty set". The event comes from the Windows Firewall and tells you that you may have a firewall rule that allows packets through to a service or application that does not exist. A common example is the canned rule that allows Teredo traffic. Unless you use Microsoft's 'Direct Connect' product, or some other IPv6 tunneling technology, your server is not listening for that traffic, and the rule is not needed. The solution, of course, is to delete that rule.

The bad news is that this adds to the list of unnecessary rules in the Microsoft canned rule set. The good news is that, unlike any other firewall technology I know of, the Microsoft firewall will alert you to 'allow rules' that are not needed.
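
One way to see which rules are generating this event, as an added example that is not part of the original post: the PowerShell below parses Event 4957 XML, keeps the "Local Port" records, counts them per rule, and looks up each rule's current state. The sample record is constructed, `ConvertFrom-Event4957Xml` is a hypothetical helper name, and the `Get-NetFirewallRule` lookup assumes Windows 8 / Server 2012 or later.

```powershell
# Added example: count Event 4957 "Local Port" records per firewall rule.
# ConvertFrom-Event4957Xml is a hypothetical helper name.
function ConvertFrom-Event4957Xml {
    param([Parameter(Mandatory)][string[]]$EventXml)
    foreach ($x in $EventXml) {
        $fields = @{}
        foreach ($d in ([xml]$x).Event.EventData.Data) {
            $fields[$d.GetAttribute('Name')] = $d.InnerText
        }
        [pscustomobject]@{
            RuleId   = $fields['RuleId']
            RuleName = $fields['RuleName']
            RuleAttr = $fields['RuleAttr']
        }
    }
}

# Constructed sample record, trimmed to the fields used here.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4957</EventID></System>
  <EventData>
    <Data Name="RuleId">CoreNet-Teredo-In</Data>
    <Data Name="RuleName">Core Networking - Teredo (UDP-In)</Data>
    <Data Name="RuleAttr">Local Port</Data>
  </EventData>
</Event>
'@

# On a live system, read the Security log instead (requires elevation):
#   $records = Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4957} |
#              ForEach-Object { $_.ToXml() }
$records = @($sample, $sample)

ConvertFrom-Event4957Xml -EventXml $records |
    Where-Object { $_.RuleAttr -eq 'Local Port' } |
    Group-Object RuleId |
    ForEach-Object {
        # Look up the live rule by its ID; empty columns mean it no longer exists.
        $rule = Get-NetFirewallRule -Name $_.Name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Events   = $_.Count
            RuleId   = $_.Name
            RuleName = $_.Group[0].RuleName
            Enabled  = $rule.Enabled
            Profile  = $rule.Profile
        }
    }

# After reviewing the list, delete a rule that is not needed:
#   Remove-NetFirewallRule -Name '<RuleId from the output>'
```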


