10 Mar 12 - 03:07 AM (#3320787) Subject: Tech: Port Query From: GUEST,Andrez Hi Just a quick tech question that I cant find a straight forward answer to through Google and am hoping that a tech guru like maybe John in Kansas might be able to help with a clear answer. I did a brief port scan of my router with the following results: Open TCP Port: 21 ftp Open TCP Port: 22 ssh Open TCP Port: 23 telnet Open TCP Port: 80 http Open TCP Port: 1863 msnp Open TCP Port: 1864 paradym-31port Open TCP Port: 4443 pharos Open TCP Port: 5190 aol Open TCP Port: 5566 udpplus I have no probems with the first four ports but am curious about the others. I am guessing that port 1863 msnp has something to do with Microsoft msn. Since I run various flavours of Windows in either hardware or emulation mode thats not unreasonable and while I'm not that happy with Microsoft accessing any info re my system I don't think it can be helped given the constant flow of security fixes that need downloading. I'm guessing that port 5190 has something to do with America Online but I could be seriouly mistaken here. If correct though, I'll close that connection unless for some unfathonable reason it has to stay open..... I'm a big privacy freak when it comes to my personal IT setup! The real puzzles are ports 1864 paradym-31port and ports 4443 pharos. Can anyone, John or otherwise tell me what services these ports are enabling and the pros and cons of closing them off on my router a Netcomm NB9WMAXXN. Thanks in advance folks, Cheers, Andrez |
10 Mar 12 - 03:09 AM (#3320788) Subject: RE: Tech: Port Query From: Andrez Reset cookie, now acting as self and not guest once more. Cheers, Andrez |
10 Mar 12 - 03:52 AM (#3320802) Subject: RE: Tech: Port Query From: Joe Offer Hi, Andrez- OK, so you're beyond me already. How does one do a port scan? -Joe- |
10 Mar 12 - 04:57 AM (#3320813) Subject: RE: Tech: Port Query From: treewind If you want to port scan your own network, you have to get someone else to do it for you. I think there are web sites that will do it - basically they try to connect to your computer via your ADSL link on every port number and see if they get a response, then send you back a list of which ones responded. To get a response, your router has to allow the connection in AND your computer has to have some process listening on that port number. Port numbers are what identifies an incoming packet so the computer knows which running process to send it to. There are well known standard numbers like 80 for a web server and 21, and 23 for ftp, for example. |
10 Mar 12 - 07:18 AM (#3320864) Subject: RE: Tech: Port Query From: JohnInKansas You can go to almost any of the AV providers and get a "remote scan" for infections, and the better ones offer a more general "security scan" that will identify any improperly open ports you might have. Since I use Norton, I usually go there, and they have had a scan that well check whether you have a port open that presents a security risk. The ports that they confirm are open for a "normal" purpose generally aren't mentioned in the report that they give you, but the scan will tell you if you have one that shouldn't be open. (Win2K had one port they didn't like, that couldn't be closed without trashing the machine, but most other recent Win versions should theoretically be capable of being "invisible" to unathorized outside intruders.) I can't speak to the other providers who offer similar scans, but Norton may take you to a page to show you what they offer to "make everything beautiful" after the scan report is done; but they don't hassle you with any high pressure salesmanship. I don't have a link handy, but it shouldn't be hard to find with either Norton or Symantec as a search term. Just make sure you go to their "real" site (or a real one for another AV maker of your choice) as "scareware" that tries to look like they'll do things for you (but end up doing things to you) are far too common. John |
10 Mar 12 - 08:50 AM (#3320886) Subject: RE: Tech: Port Query From: Nick There is a discusion from some years back that is errily familiar that suggests it may be a firmware bug with netgear and that you are not alone. Means little to me though! What are these open ports on my router? |
10 Mar 12 - 08:58 AM (#3320889) Subject: RE: Tech: Port Query From: Andrez Hi folks, the port scan I ran was internal to my network. I use a mixed Mac & PC environment and all I did was using Mac Software IPNetMonitor X (V 2.6c) details at http://www.sustworks.com/site/prod_ipmx_overview.html and ran the port scan function on the IP addresss of my primary router. Having said that, I ran the scan again at the basic router IP address and got the following results: Port Target Type Description 21 IPs deleted TCP FTP 22 ................. TCP ssh 23 ................. TCP Telnet 80 ................. TCP HTTP 554 ................. TCP RTSP 5431 ................. TCP A check of the list at IANA gives me a name and an email as to who the assignee of port 5431happens to be but nothing more specific. As I dont know the 'owner'of port 5431, I will look to close access to that port and take note of any consequences or otherwise for my comms and network. The 'owner" of " Open TCP Port: 4443 pharos" is someone in Germany with whom I also have no known connection, but clearly based on the current scan that port is no longer open. That said I'd still like to know more about 4443 pharos and what it is about. FYI re my first post, I found that I had thought that the list of ports I first posted were the result of running a script to initiate the IPNetMonitor port scan. This wasnt the case it was simply an older text file that simply read: "Port Scan has started ..." and then had the list details underneath, so it wasnt a current listing of open ports I just assumed it was. My apologies for that error. That said, I'm still curious about how those specific router ports could have been opened in the first place. This really isnt my forte and I dont have the time at present to do the research. Will have to check my router firewall a little more closely. Cheers, Andrez |
10 Mar 12 - 09:10 AM (#3320893) Subject: RE: Tech: Port Query From: Stilly River Sage In my library world pharos is the name of the software program that manages the connection between campus computers and the printer system. Don't know if it has anything to do with your ports, however. I use Shields Up to take a look at the security of my computer. It will run any number of tests you ask it to. SRS |
10 Mar 12 - 09:22 AM (#3320898) Subject: RE: Tech: Port Query From: Stilly River Sage While I'm at it, I'll throw another consideration into the security pot and stir around. This is on the page I just linked to at Shields Up: The text below might uniquely Indeed! SRS |
10 Mar 12 - 09:43 AM (#3320903) Subject: RE: Tech: Port Query From: Stilly River Sage I just ran the test on "Checking the Most Common and Troublesome Internet Ports"
You can also look at all of them - there is a page to "Determine the status of your system's first 1056 ports" and you can see what everything is called.
SRS |