I found the cause from a helpful thread at http://forums.debian.net/viewtopic.php?f=10&t=95273
The NSUPDATE dns functionality in dhclient automatically causes it to listen on two random UDP ports. This could pose a security issue since the client will accept packets on these ports. The current fix is to modify the source code to disable the functionality as per the thread mentioned above. Doing so stops it from listening on the random ports. I have filed a bug with ISC, bug number [ISC-Bugs #33377] asking for documentation about this feature (none exists currently about why the ports are opened) as well as a run-time configuration option with a default value to disable it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1176046 Title: isc-dhcp dhclient listens on extra random ports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1176046/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
