Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

alokeprasad · ‎2021-01-11

This is my 3rd attempt to post this. The posts never show up! Sorry if these are duplicates.:

Ran Shields-up port scan from GRC.com on a wired PC connected to the router.

The results should be all stealth ports (not responding to the port probes), but the results are not good (see attached).

On my previous router (R9000), all ports used to be "stealth".

More important, port 22 (used for SSH) is open to outside connections!

How do I fix this?

uPnP, remote management, IPv6, Telnet are all disabled.

FURRYe38 · ‎2021-01-11

Was this test performed with only the RBR online with 1 wired PC and ALL wired and wireless devices disconnected from the RBR? Including turning OFF all RBS as well.

CrimpOn · ‎2021-01-11

@alokeprasad wrote:
Ran Shields-up port scan from GRC.com on a wired PC connected to the router.
The results should be all stealth ports (not responding to the port probes), but the results are not good (see attached).
More important, port 22 (used for SSH) is open to outside connections!

I just LOVE Shields Up!. Alas, I cannot duplicate those results. When I run Shields Up! on my Windows PC, it report all ports on my public IP are stealth. Also, one of the disappointing things about the Orbi is that Netgear provides telnet access (on the LAN side), but not SSH access. If SSH is not open on the LAN side, it is a "stretch" to think that it would be open on the WAN side.

What ISP device is this Orbi connected to?

Could it be possible that Shields Up! is checking the ISP device rather than the Orbi?

FURRYe38 · ‎2021-01-11

Here is my test results with just 1 wired PC connected to the RBR50, v102:

This will look different depending on what devices are accessing the ports for internet services which would be normal.

You need to check your devices to see what has your ports open or being used.

alokeprasad · ‎2021-01-12

Thanks for the input.

I found the culprit. ProXPN VPN was doing this when using IPSec to connect to their servers.

Disconnecting from their service restored the full stealth for the ports. I could find nothing in their KB on why this happens and very poor support. I have removed ProXPN, and will look for a better supported cross-platform VPN product.

alokeprasad · ‎2021-01-12

Of course, when I'm connected to ProXPN, Shields-up is querying their IP address and not mine.

Regardless, the product is dated and they don't have any iOS app anymore. It is about time I moved on to a better rated VPN service (ExpressVPN?).

What do others here see at Shields-up port scan when connected to their VPN provider?

Do open or non-stealth ports mean nything when connected to commercial VPN services?

Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Re: Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Re: Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Re: Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Re: Shields-up scan showing Port 22 (SSH) open and many non-stealth ports

Re: Shields-up scan showing Port 22 (SSH) open and many non-stealth ports