How to block asf-rmcp (623/udp)?

[blazingice]

I'm using an old Dell Laptop (E7440) as home server. A nmap scan shows the following udp port open:

PORT    STATE         SERVICE
623/udp open|filtered asf-rmcp

This took me by surprise as the firewall rules should have blocked all of the udp ports apart from 445 and 2049. Here is my etc/pf.conf

xt_if="em0"

tcp_services = "{22 445 2049}"
udp_services = "{445 2049}"

set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo

table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if:0)
rdr-anchor "rdr/*"

block in log all

pass out quick keep state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port $tcp_services flags S/SA keep state
pass in inet proto tcp from any to any port $udp_services keep state

It seems that 623/udp is used by some kind of remote monitoring protocol:
ASF = Alert Standard Format
RMCP = Remote Management and Control Protocol

However, I don't know how to remove it or take advantage of it. I have looked at bios settings to see if this could be switched off, but no success. It is also a bit strange that PF can't block it, unless I'm missing something.

Does anyone have experience with similar protocols? Any advice about security risk?

 

[SirDice]

       open|filtered
           Nmap places ports in this state when it is unable to determine
           whether a port is open or filtered. This occurs for scan types in
           which open ports give no response. The lack of response could also
           mean that a packet filter dropped the probe or any response it
           elicited. So Nmap does not know for sure whether the port is open
           or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans
           classify ports this way.

nmap(1)