What's new

Why does Fing report these open ports in router?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

echable

Occasional Visitor
Did a scan for open ports using Fing app and giving my routers address. It reported the following, as seen in screenshot.

I have no idea what any of these ports/ services are. Any ideas ?

Also, none of the ports on my network that are "open"/forwarded from router to specific LAN devices were reported by Fing - not through scanning router for ports - and not through scanning the specific internal IPs for ports. I guess that's a good thing but how?

Thank you very much for any enlightenment.
Screenshot_20191202-200034_Fing.jpg
 
I have no idea what any of these ports/ services are. Any ideas ?
They are exactly what they say they are. The router's DNS server (53), web interface (80 and 8443) and USB printer server (515 and 9100).

Also, none of the ports on my network that are "open"/forwarded from router to specific LAN devices were reported by Fing - not through scanning router for ports - and not through scanning the specific internal IPs for ports. I guess that's a good thing but how?
Scanning those ports on the router is meaningless. If you're scanning the ports of a client then that client has to be currently listening on that port.
 
Did a scan for open ports using Fing app and giving my routers address. It reported the following, as seen in screenshot.

I have no idea what any of these ports/ services are. Any ideas ?

Also, none of the ports on my network that are "open"/forwarded from router to specific LAN devices were reported by Fing - not through scanning router for ports - and not through scanning the specific internal IPs for ports. I guess that's a good thing but how?

Thank you very much for any enlightenment.View attachment 20103

53: Your router(192.168.1.1) works as a DNS server. If you close it you can't access internet.
80(local): Web GUI for your router.
515: printer sharing.
8443: Administration>Remote Access Config>Enable Web Access from WAN
9100: remote access printer

Local scanning is meaningless.
 
53: Your router(192.168.1.1) works as a DNS server. If you close it you can't access internet.
80(local): Web GUI for your router.
515: printer sharing.
8443: Administration>Remote Access Config>Enable Web Access from WAN
9100: remote access printer

Local scanning is meaningless.

But should ANY ports be open unless I opened them ? Isn't it a bit suspect that, without it being documented for the customer either, especially network-y things like a web gui, remote web gui, and remote printing. Or are these standard for all routers or something ?

Why is local scanning meaningless ? ColinTaylor if I understand you correctly you seem to be saying something similar. Why ? I could set up a guest wifi network that has no intranet access, different user accounts etc. and connect to that, specify my web address (which will not be an internal IP for the guest network then, it will be the DDNS for the router). Or disconnect my phone from wifi or use someone else's wifi.

What do you mean scanning for ports is meaningless because the unit being scanned has to be listening at those ports then ? Yes, isn't that the whole point - it is listening because it's been opened, and it's being scanned for by whoever because it is open.
 
A correction/clarification to @follower's post. Because you are scanning from inside your LAN port 8443 is not for "Web Access from WAN". It is just the HTTPS access to the router's GUI (Administration - System>Web Access>Authentication Method>HTTPS or Both).

But should ANY ports be open unless I opened them ?
This is perfectly normal. These ports are only "open" to devices on your LAN. They are not accessible from the internet. The ports you mention are required for the router to do its job.
 
A correction/clarification to @follower's post. Because you are scanning from inside your LAN port 8443 is not for "Web Access from WAN". It is just the HTTPS access to the router's GUI (Administration - System>Web Access>Authentication Method>HTTPS or Both).
"Web Access from WAN": outside > inside. "Authentication Method(https)": inside>inside. Both of them use 8443 for local and remote. I was just talking about the port number.
 
But should ANY ports be open unless I opened them ? Isn't it a bit suspect that, without it being documented for the customer either, especially network-y things like a web gui, remote web gui, and remote printing. Or are these standard for all routers or something ?

Why is local scanning meaningless ? ColinTaylor if I understand you correctly you seem to be saying something similar. Why ? I could set up a guest wifi network that has no intranet access, different user accounts etc. and connect to that, specify my web address (which will not be an internal IP for the guest network then, it will be the DDNS for the router). Or disconnect my phone from wifi or use someone else's wifi.

What do you mean scanning for ports is meaningless because the unit being scanned has to be listening at those ports then ? Yes, isn't that the whole point - it is listening because it's been opened, and it's being scanned for by whoever because it is open.

"These standard for all routers or something ?": Yes.
"it is listening because it's been opened, and it's being scanned for by whoever because it is open": Local only. You know...there is no way to prevent local intruders such as SNI, spoofing, MITM etc.
Don't trust HTTPS.
https://zakird.com/papers/https_interception.pdf
 
Last edited:
The term "open port" is misleading. In itself, it implies opening something in a firewall. In this case, you are testing between LAN and LAN, where there is no firewall, therefore there is no open or closed ports - everything running on the router is accessible from your LAN client. What you are actually testing here is which services are running on your router. Your router runs a DNS service for name resolution by your clients for instance, hence it will respond to port 53. The firewall lies between the LAN and the WAN, and there, there is no port 53 opening.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top