Menu
What's new
By:
Filters Better Search

nmap results show open/filtered UDP ports on main WAN connection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Viktor Jaep

Viktor Jaep

Part of the Furniture
Hi All... I would like to know if this looks normal to you? I ran an nmap against UDP ports hanging off my main WAN connection IP, and got these results...

Code: 
67/udp   open|filtered dhcps
137/udp  open|filtered netbios-ns
138/udp  open|filtered netbios-dgm
3702/udp open|filtered ws-discovery
5353/udp open|filtered zeroconf

Could you please check your end to see what you get, for those who keep tabs on their firewalls? Does it make sense to close these, or would that cause networking on this level to grind to a halt? I'm semi-comfortable that they are open|filtered... as that means they are not responding, but still indicate that they are open according to the nmap documentation.

I was also surprised when doing an nmap against my TCP ports on my main WAN connection, that one port was open unbeknownst to me:

Code: 
8200/tcp open  trivnet1

It turned out that under the main router UI -> USB Application -> Media Server -> Enable UPnP Media Server was enabled... After disabling that, tcp port 8200 was closed.
 
ColinTaylor said:
Perfectly normal if you're testing from your LAN side. None of those are exposed to the internet.
Click to expand...
You're correct... I just ran an nmap from outside my network, and no UDP ports are showing as open. Thanks for the validation!
 
Viktor Jaep said:
Hi All... I would like to know if this looks normal to you? I ran an nmap against UDP ports hanging off my main WAN connection IP, and got these results...

Code: 
67/udp   open|filtered dhcps
137/udp  open|filtered netbios-ns
138/udp  open|filtered netbios-dgm
3702/udp open|filtered ws-discovery
5353/udp open|filtered zeroconf

Could you please check your end to see what you get, for those who keep tabs on their firewalls? Does it make sense to close these, or would that cause networking on this level to grind to a halt? I'm semi-comfortable that they are open|filtered... as that means they are not responding, but still indicate that they are open according to the nmap documentation.

I was also surprised when doing an nmap against my TCP ports on my main WAN connection, that one port was open unbeknownst to me:

Code: 
8200/tcp open  trivnet1

It turned out that under the main router UI -> USB Application -> Media Server -> Enable UPnP Media Server was enabled... After disabling that, tcp port 8200 was closed.
Click to expand...
Here is what mine looks like.

Code: 
Not shown: 994 closed ports
PORT     STATE         SERVICE
67/udp   open|filtered dhcps
123/udp  open|filtered ntp
137/udp  open|filtered netbios-ns
138/udp  open|filtered netbios-dgm
161/udp  open|filtered snmp
5353/udp open|filtered zeroconf
 
You must log in or register to reply here.

Similar threads

cherio
How and where to shutdown unnecessary services and ports
Replies
10
Views
2K
DJones
D
M
How to disable DNS query forwarding?
Replies
2
Views
1K
MarceloRedfield
M
V
UDP ports open|filtered
Replies
4
Views
2K
ColinTaylor
C
R
One router, two segments desired.
Replies
4
Views
380
Rombo
R
J
Port Scan shows open ports but they aren't forwarded in router - iptables questions
Replies
8
Views
2K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
F How to read troubleshooting data collection results Asuswrt-Merlin 0
icanfly QOS Cake with merlin and MTU - slow download speeds / inconsistent mtu fragmentation results Asuswrt-Merlin 12
TheLyppardMan Inconsistent Wi-Fi signal-strength results Asuswrt-Merlin 9
skeal Solved Having trouble comparing the results of sha256 file and PowerShell results of the same file downloaded from the Mirror Asuswrt-Merlin 2
L Looking for a way to automate an hourly SpeedTest and save results on a file, is there a native option with Merlin or any other way to do it? Asuswrt-Merlin 1
ADFHogan Expected differences in Speedtest results? Asuswrt-Merlin 24
Nas.CloudBusinessPortal Speed tests results with AP Asuswrt-Merlin 37
TheLyppardMan Some interesting speed test results Asuswrt-Merlin 10
F RT-AC5300 with version 386.13 doesn't show any network activity! Asuswrt-Merlin 1
J clients connected to node by ethernet show as connected to main router Asuswrt-Merlin 12

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 783 (members: 28, guests: 755)
Top