Community discussions

MUM Europe 2020
 
silverstr8p
newbie
Topic Author
Posts: 38
Joined: Wed Nov 13, 2013 3:47 am

Port 200 TCP etc. open and telnet by default?

Fri May 19, 2017 11:02 pm

I'm looking at open ports on an RB3011 and by default Telnet is open, why? That's horrible. Why is FTP enabled by default? I disabled them both. Also, I noticed port 200 TCP open and a several others, what are they all for? The WebUI says:
api 8728
aoi-ssl 8729
ftp 21
ssh 22
telnet 23
winbox 8291
www 80
www-ssl 443
But here's what netcat thinks:
#:> nc -z -n -v 192.168.10.25 1-10000 2>&1 | grep succeeded
Connection to 192.168.10.25 port 21 [tcp/*] succeeded!
Connection to 192.168.10.25 port 22 [tcp/*] succeeded!
Connection to 192.168.10.25 port 23 [tcp/*] succeeded!
Connection to 192.168.10.25 port 53 [tcp/*] succeeded!
Connection to 192.168.10.25 port 80 [tcp/*] succeeded!
Connection to 192.168.10.25 port 200 [tcp/*] succeeded!
Connection to 192.168.10.25 port 443 [tcp/*] succeeded!
Connection to 192.168.10.25 port 2000 [tcp/*] succeeded!
Connection to 192.168.10.25 port 3128 [tcp/*] succeeded!
Connection to 192.168.10.25 port 8080 [tcp/*] succeeded!
Connection to 192.168.10.25 port 8291 [tcp/*] succeeded!
Connection to 192.168.10.25 port 8728 [tcp/*] succeeded!
Connection to 192.168.10.25 port 8729 [tcp/*] succeeded!
According to IANA, port 200 TCP is "IBM System Resource Controller", uh, okay. I'm guessing some of the others are used for non-standard things?
 
Revelation
Member
Member
Posts: 338
Joined: Fri Dec 25, 2015 5:59 am

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 6:16 am

I'm looking at open ports on an RB3011 and by default Telnet is open, why? That's horrible. Why is FTP enabled by default? I disabled them both. Also, I noticed port 200 TCP open and a several others, what are they all for? The WebUI says:

According to IANA, port 200 TCP is "IBM System Resource Controller", uh, okay. I'm guessing some of the others are used for non-standard things?
It's the user's responsibility to lock their device down.
I mean, sheesh, why would they ship a device that has a default admin account with no password; what were they thinking.... /sarcasm
 
silverstr8p
newbie
Topic Author
Posts: 38
Joined: Wed Nov 13, 2013 3:47 am

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 8:11 am

A quick masscan of the web I'm sure would prove that they don't, or don't know how to. Look at all the issues with default passwords. Why would telnet need to be open by default.
 
User avatar
che
Frequent Visitor
Frequent Visitor
Posts: 94
Joined: Fri Oct 07, 2005 1:04 pm

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 11:48 am

Did you install breaker panel in your aparatment on your own or you called an electrician?

Port 200 and few proxy ones in your list are not open by default (probably your port forwarding rule and activation of non-default services), and if you don't know what services are active on the router by default you are not competent enough to safely operate the box.
 
Revelation
Member
Member
Posts: 338
Joined: Fri Dec 25, 2015 5:59 am

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 4:08 pm

A quick masscan of the web I'm sure would prove that they don't, or don't know how to. Look at all the issues with default passwords. Why would telnet need to be open by default.
None of that matters; the USER is responsible for hardening their equipment.
 
silverstr8p
newbie
Topic Author
Posts: 38
Joined: Wed Nov 13, 2013 3:47 am

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 8:15 pm

There is no port forwarding, I didn't open any ports, and I closed FTP and telnet, other than that they are all standard port configuration.
 
pe1chl
Forum Guru
Forum Guru
Posts: 6227
Joined: Mon Jun 08, 2015 12:09 pm

Re: Port 200 TCP etc. open and telnet by default?

Sat May 20, 2017 8:35 pm

A quick masscan of the web I'm sure would prove that they don't, or don't know how to. Look at all the issues with default passwords. Why would telnet need to be open by default.
By default nothing is open from the internet side. You scanned the LAN side.
It is possible to disable services that you don't like.
However, when you think open telnet service is a risk and open ssh service is not, you have not understood the issue.
(similar for the other services with ssl vs without ssl)
 
silverstr8p
newbie
Topic Author
Posts: 38
Joined: Wed Nov 13, 2013 3:47 am

Re: Port 200 TCP etc. open and telnet by default?

Sun May 21, 2017 1:00 am

Still, the original question is what are the other ports for? Why are they open? Why would telnet be needed to be open by default?
 
pe1chl
Forum Guru
Forum Guru
Posts: 6227
Joined: Mon Jun 08, 2015 12:09 pm

Re: Port 200 TCP etc. open and telnet by default?

Sun May 21, 2017 10:16 am

Still, the original question is what are the other ports for? Why are they open? Why would telnet be needed to be open by default?
The ports indicate in the service list are open to provide their respective services. From the LAN side only.
Telnet is open by default to allow access to the command line configuration service.
Several of the ports you show are not open by default but are opened because you configured certain services.
(e.g. the proxy ports)

Who is online

Users browsing this forum: jebz and 168 guests