Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 5 of 5

    Certain ports open by default

    This is a discussion on Certain ports open by default within the Sky Router forums, part of the Sky Broadband help category; I'm not sure if this has been mentioned anywhere already, but a quick search for the ports drew a blank... ...

    1. #1
      Tezcatlipoca's Avatar
      Tezcatlipoca is offline Sky User Moderator
      Exchange: Cambridge (EACAM)
      Broadband ISP: Sky Fibre Unlimited Pro
      Router: Sky Hub SR101
      Sky TV: Sky+HD box
      Join Date
      Feb 2007
      Location
      Cambridge
      Posts
      855
      Thanks
      13
      Thanked 7 Times in 7 Posts

      Certain ports open by default

      I'm not sure if this has been mentioned anywhere already, but a quick search for the ports drew a blank...


      With my old ISP, I used to use a Netgear DG834G.

      Once, while having a look at the Netgear forums for something else, I saw various threads regarding some ports which were apparently open by default on the DG834G - irrespective of firmware version, & despite the built-in "BLOCK ALL INCOMING" rule.

      They were:

      AIM : TCP : 5190

      paradym-31 : TCP & UDP : 1864

      pharos : TCP & UDP : 4443

      udpplus : TCP & UDP : 5566

      "40k range" : TCP & UDP : 40000-40099




      I then tested these ports at Home of Gibson Research Corporation using the "ShieldsUp Custom Port Probe", & lo & behold, they were in fact open. Tried different firmware....ports still open. There were many threads about it at the Netgear forums, & no-one seemed to know why these were open or if Netgear would ever shut them.


      I then created some services & firewall rules in my DG834G, & closed these strangely open ports. And then duly forgot all about it.


      After recently remembering this, I thought I'd try these ports again on my Sky DG834GT, & see if they were open on this too........They were.

      So, I've now created the same services & rules as before, & blocked them all [the AIM one already has a service though, so just needs a rule].


      Anyway. Very odd. No idea why Netgear leave these open, if it's really such a problem or not, & if they'll ever close them in firmware.


    2. Advertisement
    3. #2
      NewsreadeR's Avatar
      NewsreadeR is offline Site Founder
      Exchange: Marshalls Cross
      Broadband ISP: Sky Broadband Unlimited
      Router: Sagem F@ST 2504n
      Sky TV: Sky+HD box
      Join Date
      Aug 2006
      Location
      St Helens
      Posts
      22,211
      Thanks
      108
      Thanked 373 Times in 304 Posts
      Blog Entries
      48

      Re: Certain ports open by default

      Wierd I did a test before and got

      Your system has achieved a perfect "TruStealth" rating. Not a single packet solicited or otherwise was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.




      ~ Never, ever, argue with an idiot. They'll drag you down to their level and beat you with experience ~

      Follow us on Twitter @skyuser

    4. #3
      Tezcatlipoca's Avatar
      Tezcatlipoca is offline Sky User Moderator
      Exchange: Cambridge (EACAM)
      Broadband ISP: Sky Fibre Unlimited Pro
      Router: Sky Hub SR101
      Sky TV: Sky+HD box
      Join Date
      Feb 2007
      Location
      Cambridge
      Posts
      855
      Thanks
      13
      Thanked 7 Times in 7 Posts

      Re: Certain ports open by default

      Was that for one of the general ShieldsUp tests though? ("Common Ports" or "All Service Ports"). The ports in question aren't tested by either of those.

      I did a "User Specified Custom Port Probe" for each one.

    5. #4
      mossywell's Avatar
      mossywell is offline Sky User Member
      Exchange: LSMEPK
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Sep 2006
      Location
      London, UK
      Posts
      789
      Thanks
      0
      Thanked 11 Times in 4 Posts

      Re: Certain ports open by default

      Well spotted, Sir!

      Before I joined Skyuser, I posted the open ports on, er, a different forum. Over there, no one seemed interested so I shut up about it. However, you are indeed right. The open ports are actually the reaim ALG which was in the original open source firmware and never got cleared out by Sky*. I've not checked, but I don't think it's configured, so it just sits there doing nothing. The port rules via the web interface effectively "override" the ALG, so if you do, for example, run 5190 internally, the port rules will work fine.

      I personally disable it using killall reaim.

      *Not a security risk as such and I don't believe it is a cause of bugs, but a bit shoddy, IMHO. I guess they were pushed for time (or didn't know what it was: you take your pick)!
      IQ album "Dark Matter" artwork reproduced with permission. See www.gep.co.uk/iq for more information.

    6. #5
      Tezcatlipoca's Avatar
      Tezcatlipoca is offline Sky User Moderator
      Exchange: Cambridge (EACAM)
      Broadband ISP: Sky Fibre Unlimited Pro
      Router: Sky Hub SR101
      Sky TV: Sky+HD box
      Join Date
      Feb 2007
      Location
      Cambridge
      Posts
      855
      Thanks
      13
      Thanked 7 Times in 7 Posts

      Re: Certain ports open by default

      Cheers for the explanation

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION