What's new

Admin port visible on WAN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

fgh14

New Around Here
Apologies if this is covered elsewhere - I did see similar queries but no responses.

I have noticed that the Admin port (HTTPS) configured for my router Asus RT-AX88U running latest firmware 3004.388.7 is visible on the WAN despite the fact that WAN access is disabled. This is a custom port rather than the default. The various security tools I am using to check for open ports is flagging this. I would have thought it should not be open/visible to the WAN if remote access is disabled. Any thoughts/help appreciated.
 
This is a custom port rather than the default.
That right there may be your problem. Likely the firmware can only control the default port (80/8443) with the switch.
I could be wrong, but I think I've seen this behaviour before with port 80.
 
That right there may be your problem. Likely the firmware can only control the default port (80/8443) with the switch.
I could be wrong, but I think I've seen this behaviour before with port 80.
Thanks for the reply Ripshod, actually I got my facts wrong , it is on port 8443. So still a problem even with the standard ports.
 
Does that port show as open using this test?

Thanks Colin, it does NOT show up on that check however it is visible on both GRC ShieldsUp (flagged as "Stealth") and on Shodan.io (flagged as "open"). I really dont want any ports visible to outside tools for obvious reasons (unless I choose to open them which I never do)
 
however it is visible on both GRC ShieldsUp (flagged as "Stealth")
"Stealth" means it's not open: "There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!"

and on Shodan.io (flagged as "open").
I block all Shodan probes, but IIRC Shodan will still say a port is open for quite a long time after you've closed it. So if you previously had it open to the WAN you may just be seeing old information. I would trust canyouseeme and GRC more than Shodan.

You can also try this one: https://www.yougetsignal.com/tools/open-ports/?remoteAddress
 
Last edited:
"Stealth" means it's not open: "There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!"


I block all Shodan probes, but IIRC Shodan will still say a port is open for quite a long time after you've closed it. So if you previously had it open to the WAN you may just be seeing old information. I would trust canyouseeme and GRC more than Shodan.

You can also try this one: https://www.yougetsignal.com/tools/open-ports/?remoteAddress
Got it , thanks Colin. I did have it open some time ago but had closed it (external WAN admin access). So all seems OK.. appreciate the responses.
 
Got it , thanks Colin. I did have it open some time ago but had closed it (external WAN admin access). So all seems OK.. appreciate the responses.
You could also try this to see what your WAN side is reporting as open:

Code:
nmap <WAN IP> | grep "open"
 
You could also try this to see what your WAN side is reporting as open:

Code:
nmap <WAN IP> | grep "open"
That's a misleading test if you're doing it from inside your LAN because it ignores the action of the router's firewall. Therefore it will show some ports as "open" even though they're inaccessible.
 
That's a misleading test if you're doing it from inside your LAN because it ignores the action of the router's firewall. Therefore it will show some ports as "open" even though they're inaccessible.
Yeah, but it at least gives you some idea of what's being presented, or at least what services are trying to open some port on the WAN side.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top