Hi
I ran a quick port scan with Nmap and I found out such a port 514 filtered shell.
Could you please tell me what it is about and if I should do something with it?
Thanks
Port 514 is https://en.wikipedia.org/wiki/Remote_Shell - your ISP likely filters it to prevent insecure services.
The fact that all your ports aren’t filtered though suggests you have an improper firewall setup.
https://www.speedguide.net/port.php?port=514
514 UDP Syslog
514 TCP Remote shell
But you can use nearly all port to other stuff if you like.
Ok,
most importantly, should I close/block it? How?
Should I remove “remote” in the action tab in the logging windows
Thanks
If someone say “Remote_Shell” is not the same written “remote” somewhere…
Is clear than “remote” on logs has nothing to do with any firewall rule or opened services inside routerboard…
if you open “remote” is just a “remote” server where the log must be sent (syslog)
If you do that question, probably your firewall is a mess.
You use random tools without understand for what are for, and probably copy & paste rules everywhere from web or youtube, etc.
If you keep DEFAULT rules on the RouterBOARD, the firewall is already well configured…
You seems to like making fun of users here rather than giving useful answers.
If helping people annoys you that much, you are entitled not to post any answer. I don't think most of users will bother or notice.
Thanks anyway.
For sure I’m an idiot, but read twice the joke and you can learn something for sure…
I do not see any joke here.
To help out, please post the config.