Menu
What's new
By:
Filters Better Search

Unexpected open port.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

T

TomT

Regular Contributor
Hi
I've just done a couple of online scans and they have reported port 8000 is open.

I've no port forwarding rules setup for this so I'm wondering how it is open.

Any ideas how I can track this down?

For now I've added a rule that routes 8000 to a none existent IP address.

Thanks.
 
Thanks.
I did enable uPnP for my sons XBOX a couple of days back, so that could be it.

Any logs etc that will show the IP that opened it ?

Thanks
 
Quick update.
Looking at 'System Log - Port Forwarding' I can see the IP Address that has opened the port using uPnP.

Looks like one of my IP cameras has opened several ports. I've disabled uPnP on the camera and now 8000 is showing as stealth.
Not sure why the camera felt it needed these ports open, but it's not being accessed externally so having them closed shouldn't be an issue.

Thanks
 
TomT said:
Not sure why the camera felt it needed these ports open
Click to expand...

Now you understand why recent large scale DDoS attacks used those cameras and other similar IoT devices to generate multiple hundreds of gigabits of traffic. Those are insecure out of the box in a lot of cases.
 
Quite worrying that a decent brand leave the camera open to the world.
I'll make sure I check the next one when I put it up later this week.
 
TomT said:
Quite worrying that a decent brand leave the camera open to the world.
I'll make sure I check the next one when I put it up later this week.
Click to expand...

unfortunately its part of the allure of IoT and cloud based devices , they have to open ports so you can access the devices from outside your home , eg i saw an add for a door bell system that you can answer the door from anywhere in the world , without having these ports open that wouldnt be possible

the real choice here is weather you want that convenience or not and if so thats the price you pay
 
RMerlin said:
Now you understand why recent large scale DDoS attacks used those cameras and other similar IoT devices to generate multiple hundreds of gigabits of traffic. Those are insecure out of the box in a lot of cases.
Click to expand...

That's why running OpenVPN, SSH, Samba, BitTorrent, and other services on the same box that is the gateway and firewall is also such a not good idea...

just saying...
 
TomT said:
I've just done a couple of online scans and they have reported port 8000 is open.
Click to expand...

One thing to also consider is that your ISP may have that port open as a proxy - need to understand more there before jumping - if you are not exposing any services to the outside world, and you still see that port open from an external scan...
 
Since disabling uPnP on the camera, all the ports are closed.
I'm not bothered about seeing a live feed from it when away from home, it emails me snapshots if anything happens and that seems enough for now.

I'll run another scan when my son has his xbox one on and see what thats opened..
 
It's a good thing that you're looking into it considering the recent DDOS botnet attacks...
 
sfx2000 said:
That's why running OpenVPN, SSH, Samba, BitTorrent, and other services on the same box that is the gateway and firewall is also such a not good idea.....
Click to expand...

What is the advantage of having these servives on dedicated servers behind the router (rather than in it); you'd still have to ensure the ports in question are unfiltered in the router's firewall and then forward those ports to your servers running SSH, OpenVPN etc? (I'm not being facetious or argumentative: I'm genuinely interested in your comments.). Back in January I wrote in a posting on this forum: "My gut instinct is that the less extraneous stuff running on the router the better, for reasons of security, stability and performance.". So I'm interested to back up gut instinct with something more scientific!
 
Last edited:
martinr said:
What is the advantage of having these servives on dedicated servers behind the router (rather than in it); you'd still have to ensure the ports in question are unfiltered in the router's firewall and then forward those ports to your servers running SSH, OpenVPN etc? (I'm not being facetious or argumentative: I'm genuinely interested in your comments.)
Click to expand...
I do agree with sfx2000.
What we nowadays call a router (for home use) is no longer just a router. The WRT54 was trendsetter, even advertised such as "router + 4-port switch + wireless access point in one". A good step for home users.
These days home routers tend to be "router + 4-port switch + wireless access point + NAS + Samba + BitTorrent + network safeguard + Open VPN Server + much more in one".
In case of Asus, all routers run close to the same software, with the nearly the same features. My RT-N66U does close to the same as my RT-AC68U, the major difference is support for AiProtection (which I do not use). Of course the RT-AC68U has more CPU power, that helps the higher throughput on 802.11ac.
The reliable parts of the routers are usually the "router + 4-port switch + wireless access point". Very worth the money (as long as you make conservative choices).
How much more expertise and performance do you expect in an average USD 150 box?
The advertised extras are the commercial selling items that color the carton box and they are the trouble makers (check te forums), do not use them or at least don't expect miracles.

Main advise: disable UPnP in the router (default), keep an eye on security related firmware updates and stay in control.
 
I've run my router with uPnP disabled for years. But my son has always complained his xBox doesn't work correctly.
I'd opened all the ports I could find for him, but nothing helped. The xBox always shows NAT MODE Strict.

He came to me a few weeks back and asked if we could try uPnP enabled. Since then his xBox has worked much better.
NAT MODE is Open and he's not having any issues.

As fas as I'm aware the xBox is the only device with uPnP enabled.
I'll keep checking 'System Log - Port Forwarding' and see if anything new appears. I've just checked and it all looks good.

Thanks
 
You must log in or register to reply here.

Similar threads

brentil
RT-AX88U Pro Port Forwarding not working
Replies
1
Views
195
brentil
brentil
R
ASUS RT-AX86 Open VPN No LAN Access
Replies
18
Views
1K
Celo
C
P
Can’t forward new ports (just old ones)
Replies
4
Views
543
ColinTaylor
C
S
Open ports query on AX88U
Replies
6
Views
938
Viktor Jaep
Viktor Jaep
TanyaC
cannot add domain to router URL filter
Replies
15
Views
1K
TanyaC
TanyaC
Similar threads
Thread starter Title Forum Replies Date
A Open NAT game profiles Asuswrt-Merlin 8
D Nord Open VPN client connected but not secure? Asuswrt-Merlin 1
J Max number of open NAT connections on GT-AXE16000 and GT-BE98 Asuswrt-Merlin 9
R ASUS RT-AX86 Open VPN No LAN Access Asuswrt-Merlin 18
T Open ports on WAN for service running on the router Asuswrt-Merlin 8
S Open ports query on AX88U Asuswrt-Merlin 6
John Tetreault How to open ipv6 firewall to a port on the router? Asuswrt-Merlin 7
adri Firewall, Port Forwarding, and DoS Question Asuswrt-Merlin 6
R Disable Intranet access for a LAN port (not the WiFi Guest network)? Asuswrt-Merlin 13
ollimoe RT-BE88U and Dynamic WAN Port MAC? Asuswrt-Merlin 0

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 887 (members: 40, guests: 847)
Top