NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

cryptoz's avatar
cryptoz
Aspirant
May 13, 2018
Solved

WNR3500Lv2 Open Ports

Hello,

I have set up this router with wifi off, dhcp off, Upnp off and only ports 8080, 8096 forwarded to backend servers.  nmap scan shows 

Discovered open port 443/tcp on 65.152.255.209
Discovered open port 8080/tcp on 65.152.255.209
Discovered open port 53/tcp on 65.152.255.209
Discovered open port 21/tcp on 65.152.255.209

(fake IP)

My aphache server does not suport https yet so no servers on 443, I have local Bind9 server but pretty sure it is not setup for zone forwarding and nothing is running ftp.  How do I close all the ports except the ports I want and where is the firewall config page?  Any good alternate firmware?

Security
  • cryptoz's avatar
    cryptoz
    May 15, 2018
    wow what a pain... the ports are default services in the router that are open regardless if you use the service or not and can be closed by explicitly disabling the services... Advanced Tomato is an excellent alternative to this garbage interface, and I'm sure the support is better too because the bar is pretty low

3 Replies

  • antinode's avatar
    antinode
    Guru
    May 15, 2018

    > [...] nmap scan shows [...]

       Run from a system on your LAN, or from the outside world, or whence?

    > (fake IP)

       Is it a "fake" LAN address, or a "fake" public address, or what?

    > [...] How do I close all the ports except the ports I want [...]

       That might depend of what we're looking at.  When desperate, adding a
    port-forwarding rule which points to a vacant port/address can be
    effective.

    > [...] and where is the firewall config page?

       Is there one?  If you don't already have the appropriate user manual
    for your device, then visit http://netgear.com/support , put in your
    model number, and look for Documentation.  Get the User Manual.  Read.

    • cryptoz's avatar
      cryptoz
      Aspirant
      May 15, 2018
      wow what a pain... the ports are default services in the router that are open regardless if you use the service or not and can be closed by explicitly disabling the services... Advanced Tomato is an excellent alternative to this garbage interface, and I'm sure the support is better too because the bar is pretty low
      • antinode's avatar
        antinode
        Guru
        May 15, 2018

        > wow what a pain...

           I agree.

        > the ports are default services in the router that are open regardless
        > if you use the service or not and can be closed by explicitly disabling
        > the services...

           Thanks for the (redundant) explanation.

        > [...] I'm sure the support is better too because the bar is pretty low

           If you want "support", then you should probably talk to Netgear.  If
        you want to discuss your complaint, then providing some basic
        information might help.  A Web search for "life is like a sewer" should
        find some relevant general advice.