Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

open ports on Airport Extreme

R

rikers_mailbox

macrumors 6502a
Original poster
Sep 27, 2003
739
0
LA-la-land
A Port scan of my Airport Extreme's (running airport 3.1.1) external IP address revealed the following open ports:
Open Port: 139
Open Port: 1025
Open Port: 1034

Any idea why these would be open?

-rik
 
rikers_mailbox said:
A Port scan of my Airport Extreme's (running airport 3.1.1) external IP address revealed the following open ports:
Open Port: 139
Open Port: 1025
Open Port: 1034

Any idea why these would be open?

-rik
Click to expand...

139 - netbios ! Running a windows pc or Virtual PC windows ? Dangerous !
1025 - NFS or IIS
1034 - no idea there...

Is your firewall activated on your mac ? Do you have a windows server with IIS behind your airport ?
 
blaster_boy said:
139 - netbios ! Running a windows pc or Virtual PC windows ? Dangerous !
Click to expand...
hmmm, not running any windows here.

blaster_boy said:
1025 - NFS or IIS
1034 - no idea there...
Click to expand...

As for these two, I did some scouring and came up with:
http://www.networksorcery.com/enp/protocol/ip/ports01024.htm
http://www.iana.org/assignments/port-numbers
What the hell is network blackjack?

blaster_boy said:
Is your firewall activated on your mac ? Do you have a windows server with IIS behind your airport ?
Click to expand...

Yes, I have my firewall turned on and i have only a few ports opened (22 for remote SSH, 177, 6000, 7100 for X11, 3689 for iTunes sharing). I'm not sure what IIS is.

-rik
 
you can close port 139 in your firewall settings,..its used for windows sharing..you may have that checked on ...
and i also ran the port scan. :) thanks for the tip...
open ports are
80 i have the web sharing on
631 ip printing on
1033 it says its for netinfo-local
6880,6881 I have opened them for azureus..
6000 ....NOw i dont know why thats open , or what it does..
 
To see what processes on your system have what ports open, run as root:

mac:~ root# lsof -nP | grep LIST
netinfod 117 root 7u IPv4 0x01d2bd8c 0t0 TCP 127.0.0.1:1033 (LISTEN)
cupsd 300 root 0u IPv4 0x01f60500 0t0 TCP 127.0.0.1:631 (LISTEN)
httpd 310 root 16u IPv4 0x01f617ec 0t0 TCP *:80 (LISTEN)
httpd 321 www 16u IPv4 0x01f617ec 0t0 TCP *:80 (LISTEN)
mozilla-b 817 username 22u IPv4 0x01fca284 0t0 TCP 127.0.0.1:5180 (LISTEN)

From above, you can see that:

Process.....................Port it has opened
netinfod.........................1033
cupsd (printing)................631
httpd (web sharing)............80
mozilla...........................5180
 
This may be a silly question, but did you peform the scan from inside your network, or from outside your network?

The ports available to an inside address may be quite different from those available to an external address.

For instance, a port scan of myself lists 22, 80, 111, 427, 3689, 6000 all open, but if you try to connect from outside you will find only 22, and 3689 actually respond. The others are all blocked unless I'm connecting through a loopback device (in the case of 80 & 427 I've got custom firewall rules because I want to be able to test web development internally without opening my personal web sharing to the world).

P.S. 6000 is for X-Window. That one should only be available on loopback unless you've explicitly created a firewall rule to open it, which is why I'm wondering if the port scans are from the inside...

[Edited for speeling]
 
ok, i'm laughing at myself. For my initial port scan, there was a typo in my IP address. That was somone else's machine. However, I re-ran port scanner on the correct IP address, and found that Port 5009 is open! Here's as to why:
http://www.webzcan.com/Vulns/WZV11620.html

I think Apple has already fixed this problem, but I'm still on airport software 3.1.1. Anyone with Airport Extreme running the lastest version (probably need X.3) want to check their ports and see?

-rik
 
port list. this has em all.

http://www.iana.org/assignments/port-numbers

the best port scanner is nmap. this one is usually bundled who most linux distro now.

www.insecure.org it kinda a pain to get it to compile. the script isn't to mac friendly, but it works, your'll have to create and alias if you want to use it anywhere in terminal.

some sample output:
Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-03-25 20:54 CST
Interesting ports on 192.168.1.200:
(The 1650 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1723/tcp open pptp
5800/tcp open vnc-http
5900/tcp open vnc
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP

Nmap run completed -- 1 IP address (1 host up) scanned in 3.560 seconds

or something like this

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-03-25 20:54 CST
Interesting ports on 192.168.1.1:
(The 1656 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
80/tcp open http
Device type: WAP|broadband router
Running: Linksys embedded
OS details: Linksys BEFW11S4 WAP or BEFSR41 router
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back