1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Why does Fing report these open ports in router?

Discussion in 'ASUS Wireless' started by echable, Dec 2, 2019.

  1. echable

    echable Occasional Visitor

    Joined:
    Nov 10, 2019
    Messages:
    10
    Did a scan for open ports using Fing app and giving my routers address. It reported the following, as seen in screenshot.

    I have no idea what any of these ports/ services are. Any ideas ?

    Also, none of the ports on my network that are "open"/forwarded from router to specific LAN devices were reported by Fing - not through scanning router for ports - and not through scanning the specific internal IPs for ports. I guess that's a good thing but how?

    Thank you very much for any enlightenment. Screenshot_20191202-200034_Fing.jpg
     
  2. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,795
    Location:
    UK
    They are exactly what they say they are. The router's DNS server (53), web interface (80 and 8443) and USB printer server (515 and 9100).

    Scanning those ports on the router is meaningless. If you're scanning the ports of a client then that client has to be currently listening on that port.
     
  3. follower

    follower Senior Member

    Joined:
    Dec 1, 2014
    Messages:
    231
    53: Your router(192.168.1.1) works as a DNS server. If you close it you can't access internet.
    80(local): Web GUI for your router.
    515: printer sharing.
    8443: Administration>Remote Access Config>Enable Web Access from WAN
    9100: remote access printer

    Local scanning is meaningless.
     
  4. echable

    echable Occasional Visitor

    Joined:
    Nov 10, 2019
    Messages:
    10
    But should ANY ports be open unless I opened them ? Isn't it a bit suspect that, without it being documented for the customer either, especially network-y things like a web gui, remote web gui, and remote printing. Or are these standard for all routers or something ?

    Why is local scanning meaningless ? ColinTaylor if I understand you correctly you seem to be saying something similar. Why ? I could set up a guest wifi network that has no intranet access, different user accounts etc. and connect to that, specify my web address (which will not be an internal IP for the guest network then, it will be the DDNS for the router). Or disconnect my phone from wifi or use someone else's wifi.

    What do you mean scanning for ports is meaningless because the unit being scanned has to be listening at those ports then ? Yes, isn't that the whole point - it is listening because it's been opened, and it's being scanned for by whoever because it is open.
     
  5. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,795
    Location:
    UK
    A correction/clarification to @follower's post. Because you are scanning from inside your LAN port 8443 is not for "Web Access from WAN". It is just the HTTPS access to the router's GUI (Administration - System>Web Access>Authentication Method>HTTPS or Both).

    This is perfectly normal. These ports are only "open" to devices on your LAN. They are not accessible from the internet. The ports you mention are required for the router to do its job.
     
  6. follower

    follower Senior Member

    Joined:
    Dec 1, 2014
    Messages:
    231
    "Web Access from WAN": outside > inside. "Authentication Method(https)": inside>inside. Both of them use 8443 for local and remote. I was just talking about the port number.
     
  7. follower

    follower Senior Member

    Joined:
    Dec 1, 2014
    Messages:
    231
    "These standard for all routers or something ?": Yes.
    "it is listening because it's been opened, and it's being scanned for by whoever because it is open": Local only. You know...there is no way to prevent local intruders such as SNI, spoofing, MITM etc.
    Don't trust HTTPS.
    https://zakird.com/papers/https_interception.pdf
     
    Last edited: Dec 3, 2019
  8. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,537
    Location:
    Canada
    The term "open port" is misleading. In itself, it implies opening something in a firewall. In this case, you are testing between LAN and LAN, where there is no firewall, therefore there is no open or closed ports - everything running on the router is accessible from your LAN client. What you are actually testing here is which services are running on your router. Your router runs a DNS service for name resolution by your clients for instance, hence it will respond to port 53. The firewall lies between the LAN and the WAN, and there, there is no port 53 opening.
     
    Hawk likes this.