NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Open Ports (WAN side) on R7000 Router
An nmap scan (WAN side) on my R7000 router indicates that there are two ports open on my R7000 router: 80/tcp (http) and 1720/tcp (h323q931). My method to perform a WAN side scan on the router is to...
I think I have the problem solved (or at least narrowed down substantially), and neither the router (or modem) are the cause of the open ports discovered with nmap. Looks like it has something to do with ISP (Comcast) i.e. I think I am hitting my ISP first, which is showing open ports for 80 and 1720.
I first disconnected every device from the network, rebooted ther router, and then hit my public IP address with nmap (WAN side, from an outside network). Still open ports, so not any of the devices. Then I powered down the router, waited 10 minutes, and tried again. Still open ports, so not the router. And then I powered down the modem, waited 10 mins, tried again, and still got the open ports on my public IP address! I'm not sure how it that all works, but apparantly I am hitting my ISP first with nmap (or something of that nature).
Thanks for all of your efforts to help me trouble shoot! --maap.
Thanks very much IrvSp.
I am receiving the same exact response from GRC ShieldsUP, and I have the same on the WAN setup page i.e. only Disable IGMP Proxying is checked. I don't have any ports set up for forwarding and am not running a web server or anything unusual.
Given the ShieldsUP response, I am relatively confident that my network is secure, although I am keen to get to the bottom of this. I ran several more intense nmap scans to try and grab the banner, but the most I could get are "http?" for port 80 and "h323q931?" for port 1720. I also could not get any info with telnet on these ports. This suggests to me that there may not actually be a service responsible for opening these ports in the traditional sense. As you suggest, I wonder if nmap's report on ports 80 and 1720 is related somehow to the cable model (Motorola SB6141). I looked at the modem gui, and could not find any information in the configuation though regarding opening/closing ports.
Welcome any additional thoughs, theories, or ideas. Thanks! -maap
Very odd indeed?
I also have/had the SB5141 (exchanged it for a UBEE DVW3201 on Fri.) but my test was done with the UBEE??? Hmm....
Might be worth trying to have your F/W block incomming if you can? Then test again... see where it is coming from, the PC or router?
NETSTAT -a should show all the open ports for your PC, does that show those open?
I think I have the problem solved (or at least narrowed down substantially), and neither the router (or modem) are the cause of the open ports discovered with nmap. Looks like it has something to do with ISP (Comcast) i.e. I think I am hitting my ISP first, which is showing open ports for 80 and 1720.
I first disconnected every device from the network, rebooted ther router, and then hit my public IP address with nmap (WAN side, from an outside network). Still open ports, so not any of the devices. Then I powered down the router, waited 10 minutes, and tried again. Still open ports, so not the router. And then I powered down the modem, waited 10 mins, tried again, and still got the open ports on my public IP address! I'm not sure how it that all works, but apparantly I am hitting my ISP first with nmap (or something of that nature).
Thanks for all of your efforts to help me trouble shoot! --maap.