Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Detlev

macrumors 6502a
Original poster
Sep 16, 2003
509
0
Before someone says "You don't need to..." Yes, I do. I need to at least try to prove that it would not matter.

OK, here we go...

I need to filter and or block outside access to UDP port 192. What I have is four or five clients (machines) that use an AirPort base station. A contracted security firm has scanned our IP address and found they can gain information from UDP port 192 and they feel this is a security risk. They sent me the information and it was correct so I know they were able to access it somehow. They say it amy only need a firewall or filter. I already have a closed network, use MAC address control, WiFi Protected Access, etc. Can someone help me set this up to see if in fact it will do as they say?

Another thing I am confused about is that I don't know where these firewalls are. Are they on the base station or the individual clients (machines)? It seems they get as far as the base station, as they have never mentioned what computers we are using. So, am I trying to turn on firewalls and/or filters on the base station only?
 
On Apple's "Well Known" TCP and UDP ports used by Apple software products page it lists port 192 as:-

AirPort Base Station PPP status or discovery (certain configurations), AirPort Admin Utility, AirPort Express Assistant

Was the security company scanning from within the network or from outside (internet)?

If it was from inside then blocking that port might stop you from accessing the Airports configuration/settings.

Not sure if this is it, however check that you don't have SNMP allowed for the WAN. In the Airport config under Advanced > Logging and SNMP, make sure Allow SNMP Access is unchecked. I would back up your configuration first, I can't test this at the moment as I don't have my Airports with me.

EDIT: As far as I can tell it's the Airport which is most likely the problem, it will already be running a firewall however. Hopefully it is something like SNMP or remote configuration which can be disabled for the WAN.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.