1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Port open on RVS4000

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by int3grate, Aug 11, 2007.

  1. int3grate

    int3grate LI Guru Member

    Open port on RVS4000!

    After upgrading the firmware on the RVS4000 to version 1.1.11, I now have an open port that is showing up when I run a port scan (port 5190). This port was not opened before I updated it, and there are no rules in the firewall or port forwards that would allow this port to be open. Does anyone else have this port open?
     
  2. bctrainers

    bctrainers LI Guru Member

  3. int3grate

    int3grate LI Guru Member

    Yeah, that's correct, port 5190 is AOL or AIM. I've even added a rule in the ACL to prohibit this traffic, and the port is still open. I've told linksys about it, and they've notified their engineering team.

    Anyone else have this port open?
     
  4. bctrainers

    bctrainers LI Guru Member

    Just checked it on my other RVS4000 device, it's open also.
     
  5. tony4d

    tony4d LI Guru Member

    I posted in the other thread about it. Beta firmware 1.1.11, and yup, it's open.
     
  6. int3grate

    int3grate LI Guru Member

    Also, my port scan shows port 23 (telnet) in state Closed, when it should be in state filtered (I don't have any port forwards or firewall rules for that port either). Also, does anyone know exactly what service your connecting to, when you connect to port 5190? It has to be a service running on the device. I wonder what it is?

    This firmware doesn't seem to be near as secure as 1.1.9.
     
  7. david803sc

    david803sc LI Guru Member

    I also have the telnet port open, even though I am not using it, and there is no way to close or block it, I am using the 1.1.11.

    David
     
  8. int3grate

    int3grate LI Guru Member

    Your telnet port is open? Mine shows up on a port scan, but is in state closed. If you telnet to it from a remote computer, what banner do you get?

    Just so you guys know what I mean by open/closed/filtered, here is the output of an nmap scan I ran against myself. One of the ports that shows up (6112) is one that I forwarded for an online game. I do not however have any rules for port 5190 (which is open!), and port 23.

    Code:
    Starting Nmap 4.00 ( http://www.insecure.org/nmap/ ) at 2007-08-13 13:13 GMT-1
    Interesting ports on xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx):
    (The 1669 ports scanned but not shown below are in state: filtered)
    PORT     STATE  SERVICE
    23/tcp   closed telnet
    5190/tcp open   aol
    6112/tcp closed dtspc
    
     

Share This Page