Hacking Test

Wondering what people are using to test their sites for open ports or other types of vulnerabilities?

I know there are some free web-based services, but whenever I try to check all 65535 ports, it times out (i.e., fails).

I use nmap on a laptop running Linux. You need to be on a different network (remote location) and make sure you run the test against the target WAN IP.

My problem is that I’m never on a network that is not VPN’d to the original.

I guess I could use a laptop connected via wifi to a cellphone that is using cellular connection.

That might work, though cellular tends to be less clean, what with latency and jitter etc. It’s not possible to run these tests from a non-VPN’ed VLAN or from home or a friend’s or something?

No place comes to mind.

I just ran Advanced Port Scanner (Windows) on a mini-PC connected to my iPhone’s hotspot with the iPhone using cellular and it seems to have worked.

What I discovered is that all of my sites have FTP open and 2 of them also have port 21 open.

I thought FTP uses port 21, but for some reason the program identifies them as different.

And, I have no idea how or why my sites show either of those ports open.

I’ll download nmap for Windows and try again.

Maybe the cellular provider takes over some random ports and remaps them behind the scenes to self-managed services (e.g. FTP) and does not inform users about that? Casual users are not aware that these ports are unusable, as browsers open so many connections and drop the ones not responding in an expected way. Users do not even notice that fact or just see it as short-term traffic hiccups till new working ports are activated.

What I do for ALL of the installations I manage is change the FTP port from 21 to something else … i.e: 2550

That is a good security practice.

You may find the following helpful regarding ShieldsUp:
https://forums.grc.com/threads/shieldsup-through-a-vpn.664/

You can just have it on port 21. Then only allow IPs from your whitelist.
To get on the whitelist, you can use port knocking.

You can just scan all ports to see if some respond, like FTP on 2550. Then a script will start a brute-force attack against the port.

I also have a rule so that if someone tries one of the 65000+ ports that are not open, they will be blocked from all access for 24 hours.
Prevents them from port scanning.
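
The two rules described in the post above (reach the FTP whitelist by port knocking, block any source that touches a closed port for 24 hours), modelled as an added Python example that is not part of the thread or any poster's configuration. The knock ports, timeouts and sample addresses are constructed assumptions.

```python
from dataclasses import dataclass, field

KNOCK_SEQ = (7000, 8000, 9000)   # constructed knock sequence (assumption)
KNOCK_STEP_TIMEOUT = 10          # seconds allowed between knocks (assumption)
SERVICE_PORT = 21                # FTP left on its default port, as in the thread
WHITELIST_TTL = 3600             # how long a completed knock stays valid (assumption)
BAN_TTL = 24 * 3600              # the 24-hour block from the thread

@dataclass
class Firewall:
    progress: dict = field(default_factory=dict)   # ip -> (next knock index, deadline)
    whitelist: dict = field(default_factory=dict)  # ip -> expiry time
    banned: dict = field(default_factory=dict)     # ip -> expiry time

    def handle(self, ts, ip, port):
        """Return the verdict for one inbound TCP SYN seen at time ts (seconds)."""
        if self.banned.get(ip, 0) > ts:
            return "drop-banned"             # banned sources get nothing, even port 21
        allowed = self.whitelist.get(ip, 0) > ts
        if port == SERVICE_PORT:
            return "accept" if allowed else "drop"
        if port in KNOCK_SEQ:
            idx, deadline = self.progress.get(ip, (0, ts))
            if port != KNOCK_SEQ[idx] or ts > deadline:
                idx = 0                      # wrong order or too slow: start over
            if port != KNOCK_SEQ[idx]:
                self.progress.pop(ip, None)
                return "drop"
            if idx + 1 == len(KNOCK_SEQ):    # last knock: whitelist the source
                self.progress.pop(ip, None)
                self.whitelist[ip] = ts + WHITELIST_TTL
            else:
                self.progress[ip] = (idx + 1, ts + KNOCK_STEP_TIMEOUT)
            return "knock"
        if allowed:
            return "drop"    # assumption: whitelisted sources are never banned
        self.progress.pop(ip, None)
        self.banned[ip] = ts + BAN_TTL       # any closed port triggers the block
        return "ban"

def replay(events):
    fw = Firewall()
    return [fw.handle(*e) for e in events]

# Constructed sample: an admin knocking, then a sequential scan from another source.
SAMPLE = [(0, "203.0.113.10", 7000), (2, "203.0.113.10", 8000), (4, "203.0.113.10", 9000),
          (5, "203.0.113.10", 21), (6, "198.51.100.7", 20), (7, "198.51.100.7", 21)]
if __name__ == "__main__":
    print(replay(SAMPLE))
```

In this model the scanning source is blocked on its first closed-port probe, so it never learns whether port 21 would have answered.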

Jotne,
Why not simply drop and be done with it ? Same net result but less effort.

I allow what I want to allow and all the rest gets dropped without any further comment/follow-up/whatever. I am not even looking at it.
Otherwise it still requires resources from your device to manage it all.
Just curious …

Generally yes … except for services you need and you don’t know upfront from which IP address … and you can’t establish wireguard tunnel (and even that would benefit from being behind port-knock).

IMO nowadays the need for FTP service is not real (use SCP at least) …

Hence: I allow what I want to allow like indeed wireguard, I allow the 2 ports I need for it since I have 2 separate tunnels terminating on my home router and if it was not for my mobile devices, I could even whitelist the IPs used since they are static, except for laptop and smartphone.
But the rest gets dropped. No mercy. I don’t care about that counter.

Poor misdirected packets :frowning: .

I recently did a whole series of nmap tests through my phone hotspot against the IPv6 WAN interface of a secured Mikrotik router. Very strangely they often showed common ports like TCP 80 open for connections. Other tests like telnetting would seem to show half-open connections that never completed, but packet captures would never catch the syn-syn. It seems that the telco does some funny business with these http connections. I can’t find any indication the firewall filters are actually leaking. Be careful out there!

Take your laptop to your local Starbucks or other establishment that has public WiFi and use that. Do make sure your laptop is properly firewalled so it does not pick something up…

It’s not my laptop I’m concerned about picking something up at a local Starbucks (it’s me)…

But good advice nonetheless :smiley:

Flu ?
Covid ?
Plague ?

:open_mouth:

… or more simply some really bad coffee?

Starbucks ?
Yeah, I don’t understand the hype of it … nor the fact they insist on writing your name on your cup.

But we are getting OT here …

The entire coffee thing is bizarre.

Here in NYC we have a coffee place probably every 300’ (100 meters) (on average). My theory is that there is nothing whatsoever to sell besides food, alcohol and coffee in NYC (secondarily, personal services like hair, nail, dry cleaning), so thousands of people come up with the “genius” idea of opening a coffee plan. It’s just part of NYC’s massive and accelerating downward economic spiral.

Too political?