
WAG54GX2 port 5190 open!

Discussion in 'Other Linksys Equipment' started by tack718, Jun 29, 2006.

  1. tack718

    tack718 LI Guru Member

    Hi

    Have got a Linksys WAG54GX2 and I'm really happy with the router. However I noticed that the router has by default port 5190 open!! The Linksys Support Guy couldn't help me to close down this port. Maybe a software bug? Or somebody knows how to close the port?

    You can run "nmap" against the router (from internal and/or external lan) or just type "telnet 192.168.1.1 5190" to see the results.

    Cheers
    TACK
     
  2. sufrano63

    sufrano63 Network Guru Member

    https://www.grc.com/port_5190.htm. Trojan MBomber is probing that port
     
  3. HiSpeed

    HiSpeed Network Guru Member

  4. tack718

    tack718 LI Guru Member

    @sufrano63
    could be, but I don't have any Windows PC.

    @hispeed
    don't need that service, have my own scan-server on the internet :thumbup:

    tried to change the NAT to a non existing IP, is ok now from outside -> inside (port closed) :D

    but the port remains open from inside -> outside. And this is really weird if you have to scan a remote server (my job sometimes) because you always get "5190 open". I think something is running on the Linksys.
     
  5. HiSpeed

    HiSpeed Network Guru Member

    My question was to identify a bug for all GX2 !
    On some G v2.0 there is also a bug, port 12345 is open...

    The Wag firewall works only from outside to inside !
    From inside to outside, a soft firewall is needed (ZoneAlarm, etc.)
     
  6. WynX

    WynX Guest

    Same problem on WAG200G-E1

    This same problem occurs on the WAG200G (WAG200G-E1 Annex B, firmware 1.01.04). Port 5190 is OPEN!!

    This should be fixed!?!

    (till then I'll forward it to a non-existing IP)
     
  7. Toxic

    Toxic Administrator Staff Member

    Until a fix is done by Linksys, why not port forward the 5190 port to a non-existent IP address?
     
  8. Legionnaire

    Legionnaire LI Guru Member

    Hello,

    any news on this issue?

    Is it really considered a bug?
     
  9. Legionnaire

    Legionnaire LI Guru Member

  10. mstombs

    mstombs Network Guru Member

    If you look in the GPL source code for the WAG200G 1.01.05, for example, you can see this is a deliberate feature, not a simple bug.

    The router contains ReAim "The proxy is designed to transparently proxy and massage AIM and MSN messages"

    Code:
    # Project: ReAim
    #
    # Release : 0.8 pre
    #
    # Homepage:  http://reaim.sourceforge.net/

    and the bash script on the router in usr/sbin/fw-scripts/msn contains the commands:

    Code:
    INSIDE_IF=$LANIF
    OUTSIDE_IF=$WANIF
    
    
    IPT_X="/usr/sbin/iptables"
    IPT=IPT_X
    
    $IPT_X -N REAIM_IN
    $IPT_X -N REAIM_PRE -t nat
    $IPT_X -F REAIM_IN
    $IPT_X -F REAIM_PRE -t nat
    $IPT_X -D INPUT -j REAIM_IN
    $IPT_X -I INPUT -j REAIM_IN
    $IPT_X -D PREROUTING -t nat -j REAIM_PRE
    $IPT_X -I PREROUTING -t nat -j REAIM_PRE
    
    # Add the AIM accept rules to the outside interface...
    $IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 4443 -j ACCEPT
    $IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 5190 -j ACCEPT
    $IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 5566 -j ACCEPT
    
    # Add the MSN accept rules to the outside interface...
    #hide just for cdrouter test 106,108   2005/03/09  leon.
    #$IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 1864 -j ACCEPT
    
    # Add the DYNAMIC DCC port range to the outside interface...
    $IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 40000:40099 -j ACCEPT
    $IPT_X -A REAIM_IN -i ${OUTSIDE_IF} -p udp --dport 40000:41000 -j ACCEPT
    
    # Add the AIM port interception rules to the inside interface...
    $IPT_X -I REAIM_PRE 1 -t nat  -i ${INSIDE_IF} -p tcp --dport 5190 -j REDIRECT --to-port 5190
    $IPT_X -I REAIM_IN 1  -i ${INSIDE_IF} -p tcp --dport 4443 -j ACCEPT
    $IPT_X -I REAIM_IN 1  -i ${INSIDE_IF} -p tcp --dport 5190 -j ACCEPT
    $IPT_X -I REAIM_IN 1  -i ${INSIDE_IF} -p tcp --dport 5566 -j ACCEPT
    
    # Add the MSN port interception rules to the inside interface...
    $IPT_X -I REAIM_PRE 1 -t nat  -i ${INSIDE_IF} -p tcp --dport 1863 -j REDIRECT --to-port 1863
    $IPT_X -I REAIM_IN 1 -i ${INSIDE_IF} -p tcp --dport 1863:1864 -j ACCEPT

    which includes port 5190 among others.

    The "msn" file is called from the bash script "firewall" in the same directory if the variable MSN_PROXY is set...

    Some router manufacturers include a tick box to enable/disable reaim proxy see

    http://www.usr.com/support/9108/9108-ug/wui_internet.htm

    for example
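
Added example, not part of the thread or of the Linksys firmware: a small Python audit that reads rule lines in the style of the msn script quoted above and separates ports ACCEPTed on the WAN interface from ports REDIRECTed on the LAN interface. The REDIRECT rule sends LAN-originated connections to port 5190 to the router itself, which matches the "5190 always open" result seen when scanning remote hosts from inside. The function names and the SAMPLE excerpt are assumptions constructed for illustration.

```python
# Constructed sample: a few rule lines copied in style from the fw-scripts/msn
# script quoted in the thread (one commented-out rule included on purpose).
SAMPLE = """\
$IPT_X -D INPUT -j REAIM_IN
$IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 5190 -j ACCEPT
#$IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 1864 -j ACCEPT
$IPT_X -I REAIM_IN 1  -i ${OUTSIDE_IF} -p tcp --dport 40000:40099 -j ACCEPT
$IPT_X -A REAIM_IN -i ${OUTSIDE_IF} -p udp --dport 40000:41000 -j ACCEPT
$IPT_X -I REAIM_PRE 1 -t nat  -i ${INSIDE_IF} -p tcp --dport 5190 -j REDIRECT --to-port 5190
$IPT_X -I REAIM_IN 1  -i ${INSIDE_IF} -p tcp --dport 5190 -j ACCEPT
"""

def parse_rules(text):
    """Return one dict per active (uncommented) iptables line that has a -j target."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if not tok or tok[0].startswith("#") or "-j" not in tok:
            continue
        def opt(flag):
            i = tok.index(flag) if flag in tok else -1
            return tok[i + 1] if 0 <= i < len(tok) - 1 else None
        rules.append({
            "iface": (opt("-i") or "").strip("${}"),  # ${OUTSIDE_IF} -> OUTSIDE_IF
            "proto": opt("-p"),
            "dport": opt("--dport"),
            "target": opt("-j"),
        })
    return rules

def wan_exposed(rules):
    """(proto, dport) pairs ACCEPTed on the WAN side, i.e. reachable from outside."""
    return sorted({(r["proto"], r["dport"]) for r in rules
                   if r["iface"] == "OUTSIDE_IF" and r["target"] == "ACCEPT" and r["dport"]})

def lan_intercepted(rules):
    """(proto, dport) pairs REDIRECTed on the LAN side: outbound connections to
    these ports terminate on the router, whatever the remote destination."""
    return sorted({(r["proto"], r["dport"]) for r in rules
                   if r["iface"] == "INSIDE_IF" and r["target"] == "REDIRECT" and r["dport"]})

if __name__ == "__main__":
    rules = parse_rules(SAMPLE)
    print("ACCEPT on WAN:", wan_exposed(rules))
    print("REDIRECT on LAN:", lan_intercepted(rules))
```

To audit a real image, pass the text of each file under the extracted firmware's fw-scripts directory to parse_rules instead of SAMPLE.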
     
