Why is port 21 open?

Discussion in 'Tomato Firmware' started by Vezado, May 18, 2009.

  1. Vezado

    Vezado LI Guru Member

    I've forwarded it off into the ether as a workaround, but i'm just wondering why it's open by default. I noticed it when doing a port scan from grc.com (ShieldsUp!)

    Using TomatoVPN 1.23
  2. Vezado

    Vezado LI Guru Member

    Sorry for the bump, but is anyone else seeing port 21 open?

    I tried doing a telnet to the router and it does connect on 21, but no text is visible.
  3. danix71

    danix71 LI Guru Member

    Telnet is on 23 (ssh on 22, ftp on 21).
  4. fyellin

    fyellin LI Guru Member

    Vezado: I ran a port scan and saw absolutely nothing unusual about port 21. No response.

    danix71: I think you misunderstood Vezado's email. You can use telnet to try talking to any TCP port, whether or not telnet is running on the other end. This is a useful way of finding out if a port is alive and responding. If the protocol is ASCII-ish and you know what you're doing you can telnet to services and talk to them directly: port 80 to get the raw content of URLs, or port 25 to send and receive mail.

    The syntax isn't the expected "telnet host:port" but "telnet host port".
  5. Vezado

    Vezado LI Guru Member

    Yes, but telnet can be used to access many services on a variety of ports. Telnet to your pop3 mail server and you'll get a response (server names changed).

    telnet pop3.mymailserver.com 25

    Connecting To pop3.mymailserver.com...

    220-xxx.xxxxx.net ESMTP Exim 4.69 #1 Tue, 19 May 2009 12:12:03 -0400
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.

    500 unrecognized command

    And if it is FTP, do you want an FTP server running on your exposed router? I hope that it isn't, I'm just trying to find out what it is and why the port was left open.

    @fyellin - you posted right before me, sorry for the redundancy. What version of Tomato are you running? Perhaps Keith Moyer forgot something on the TomatoVPN i'm using?

    Can any other TomatoVPN users try a port scan?
  6. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    I did one using ShieldsUp when I saw your post yesterday. All of the ports scanned (including 21) were "stealth".
  7. Vezado

    Vezado LI Guru Member

    I'm totally baffled, now i'm getting the same results as everyone else. Yesterday, i was able to enable and disable port forwarding on 21 and change it from "port closed" to stealth.

    I tested many times before posting just to be sure i wasn't missing something. Don't write me off as a nutjob just yet... :)
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice