ViktorJp@GT-AX6000-3C88:/jffs/scripts# nmap 43.18.27.170
Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-31 09:17 EDT
Nmap scan report for 43.18.27.170.some.isp.conglomerate.com (43.18.27.170)
Host is up (0.000032s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds
Moving from 3004 to 3006 on the GT-AX6000, I noticed this curious thing... SSH is open on eth0, but thankfully not reachable from the public internet. It wasn't exhibiting this behavior on 3004. Just made my heart skip a beat.
Curious to see if others see the same thing doing an nmap on their public eth0 IP address?
In case someone asks to see these settings:
View attachment 66028
Asus stopped binding ssh to the LAN IP in 3006 and 3004.388.9 GPLs (I assume it was Asus for GNP reasons).
> What would you see for 3004 with it set to "LAN only" or "LAN & WAN"? For 3004 set to "LAN only" is it open only on ports other than eth0? And for 3006 set to "LAN only", what's stopping it from being open to the internet? The built-in firewall?

Previously on 3004, "LAN only" would only show an ssh/open entry under the LAN side... nothing on the WAN side. You can also check by running
nmap 192.168.50.1
(or whatever your local LAN IP is). Yeah, I'm guessing the firewall is blocking it at this point. Thank goodness. I immediately jumped to a breached or incorrectly configured router conclusion before testing it from the internet.

> Asus stopped binding ssh to the LAN IP in 3006 and 3004.388.9 GPLs (I assume it was Asus for GNP reasons). But the SSH LAN/WAN setting has only influenced the firewall rules, not how the daemon runs.

Thanks for pointing us to the code, @dave14305!
That’s OK, I described the previous behavior incorrectly anyway. The LAN/WAN setting would also influence the IP binding in the older versions.
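Added example, not part of the thread: a way to tell "bound to every interface" from "bound to the LAN IP only" by reading the listening sockets instead of scanning. A wildcard bind answers on the WAN address as well, so reachability from outside then depends only on the firewall. The sample `netstat -tln` text is constructed to mirror the two behaviours described above, and `bind_scope` is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed samples of `netstat -tln` output (not captured from the thread).
# 192.168.50.1 and port 22 are the LAN IP and SSH port mentioned in the posts.
SAMPLE_WILDCARD='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.50.1:80         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN'

SAMPLE_LAN_ONLY='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.50.1:22         0.0.0.0:*               LISTEN
tcp        0      0 192.168.50.1:80         0.0.0.0:*               LISTEN'

# bind_scope PORT  (hypothetical helper; reads `netstat -tln` text on stdin)
# Prints one word:
#   wildcard - a listener on PORT is bound to 0.0.0.0 or ::, so it answers
#              on every local address, the WAN IP included
#   specific - listeners on PORT exist, all bound to one particular address
#   none     - nothing is listening on PORT
bind_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address.
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            found = 1
            if (host == "0.0.0.0" || host == "::" || host == "*") wild = 1
        }
        END { print (wild ? "wildcard" : (found ? "specific" : "none")) }
    '
}

echo "wildcard sample, port 22: $(printf '%s\n' "$SAMPLE_WILDCARD" | bind_scope 22)"
echo "LAN-only sample, port 22: $(printf '%s\n' "$SAMPLE_LAN_ONLY" | bind_scope 22)"
# On a live system: netstat -tln | bind_scope 22
```

A "wildcard" result explains an open port in a scan run from the router against its own WAN IP; whether the port is exposed is still settled by a scan from outside the network.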
Here is what I get: It reports all scanned ports in ignored states. For SSH I use a non standard port in the range greater than 50,000.
ASUSWRT-Merlin RT-AX88U_PRO 3006.102.4_0 Sat May 10 15:59:43 UTC 2025
TheMan@RT-AX88U_Pro-68D0:/tmp/home/root# nmap 73.62.xxx.xx
Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-31 12:15 EDT
Nmap scan report for c-73-62-xxx-xx.hsd1.fl.comcast.net (73.62.xxx.xx)
Host is up (0.000035s latency).
All 1000 scanned ports on c-73-62-xxx.xx.hsd1.fl.comcast.net (73.62.xxx.xx) are in ignored states.
Not shown: 1000 closed tcp ports (reset)
Nmap done: 1 IP address (1 host up) scanned in 0.37 seconds
TheMan@RT-AX88U_Pro-68D0:/tmp/home/root#
Hum. How to explain that. Assuming you have the same setup as mine for SSH right?
He said his SSH port was above 50000. The default nmap scan wouldn’t check that high.
Exact same settings except as I said originally I use a port other than 22 and greater than 50,000. Could be in my case since this command only scans 1000 ports the port I use is above the range scanned. Not that it should make any difference I have disabled idle timeout.
View attachment 66031
Yeah, would be nice if it showed everything.
> RT-AX-86U Pro 3006.102.4
> The ShieldsUP scan of Common Ports says FAILED because a Ping (ICMP Echo) reply was received. The Firewall setting, Respond ICMP Echo (ping) Request from WAN, is NO. Any issue with this behavior?

For me the same test is Passed.
Not seeing the same on a RT-AX86U Pro. All common ports report stealth. Respond ICMP Echo (ping) Request from WAN is set to No.
GRC Port Authority Report created on UTC: 2025-06-01 at 22:xx:xx
Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000
0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
No issue seen here, passes with flying colours.
Are you perchance testing through a VPN?