Port 161
I have done a security check on the Shields Up! Web site and it shows port 161 as not being stealthed. Does anyone know what that port does and what, if anything, I ought to do about this? I am running Avast 5 Internet Security, which includes a firewall. Does the HH3 include a firewall as well?
Hi Brian_E,
The following post may clear this up for you - it's contained in a pretty lengthy thread which already exists on the topic
http://community.bt.com/t5/BB-Speed-Connection-Issues/port-161-open-on-home-hub-3/m-p/159023#M69385
Dean
BTCare Community Mod
If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post.
If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.
Similar Messages
-
Hi guys, I was double checking to see that my security software firewall is working correctly as Windows 8 has been having problems with Mcafee.
While doing so i found that Port 161 is showing open using the Shields up in depth port scan (https://www.grc.com/x/ne.dll?bh0bkyd2.
After googling this i came across this article: http://punj-technology.blogspot.co.uk/2012/04/bt-homehub-v-3-open-ports-161-and-4567.html
In that article it also gave the BT forum discussion regarding the open port at:http://community.bt.com/t5/Other-BB-Queries/port-161-open-on-home-hub-3/td-p/133207/page/12
Is there any update on this? Is the Hub going to get an update?
I dont like seeing open ports on my system and it didnt show up when i was with Virgin Media as being open.
Happy Xmas, Jay.Port 161 is open for BT remote management this link explains about the updates http://community.bt.com/t5/BT-Infinity/Hub-3A-Upgrade-Info-Rollout-starting-7-November/td-p/689584
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’ -
UDP port 161 on IPCC/ICM servers
I am trying to setup Solarwinds monitoring via SNMP on our IPCC/ICM servers. The servers are AW, PGs and Router/Loggers.
Do the IPCC/ICM applications use UDP port 161? I cannot start the SNMP service on the servers due to UDP port 161 is already being used.
According to Windows task manager, the port is used by PID snmpdm.exe.
Any info or comment is appreciated. Thanks.Yes it's not the same. Why, I do not know.
On ICM Windows boxes you use the MMC snapin, but on CVP you use the Ops Console which writes into cfg files and pushes them to the box.
At the end of the day the basics of community name, access list, trap destination are known by the agent on the ICM or CVP server.
Regards,
Geoff -
Greet the sun all,
Is there any restriction on which port the WLS SNMP Agent runs on? Can
you run it on a port > 1024? I would like to avoid the root access
problem if possible.
Perry Hoekstra
E-Commerce Architect
Talent Software Services
[email protected]Perry Hoekstra <[email protected]> wrote in message
news:[email protected]..
Greet the sun all,
Is there any restriction on which port the WLS SNMP Agent runs on?No, you can run it on any port. However, 161 is the standard port. If you
use anything else - you will have to configure your SNMP Manager (if you are
using one) so it knows to go to a non-standard port for that machine.
Can
you run it on a port > 1024? I would like to avoid the root access
problem if possible.
Perry Hoekstra
E-Commerce Architect
Talent Software Services
[email protected] -
How to start SNMP on LDAP Dir. server ? Is that runs on port 161 ?
When I click 'SNMP' tab on configuration it says "The snmp service has been started" But when I try to stop or restart it says, "Error occured while stop/restating subagent. Check the configuration data you entered"
Where do I check the config. data ?
Do I need to enable somewhere snmp ???
I want to browse the SNMP mib from our App.
For that I'm trying to run the snmp agent on dir. server.
any help ?
Thanx,
Ramesh//The SNMP services can be stoped from the configuration tab but that does not stop the SNMP subagent it has to be explicitly stoped if Ur running from windows machine go to the control panel and stop the services.
If U'r running the Directory server from unix host the hostname where the master agent resides and the port no is must for the subagent to contact.
Regarding the port no SNMP is running if Ur using unix host check the /etc/services file for the port no for SNMP services. -
Open port issues with Direct Print functionality
Hi, I have been fighting with HP call support about the Photosmart 7525 printer.
Originally I setup and had performed all the functions to enable both web support and WIFI.
Within an hour the printer would not respond to wireless communication, though it had its wireless indecator showing it was connected.
I was told by HP support that the issue will be resolved in March, as there will be a firmware update to fix the issue.
Now that I had the printer install the new firmware I still get the issue.
Though I found through some sniffing, that there are a number of ports enabled and open that are over and beyond print requirements.
Funny thing I can send my printer into instant lockup with all lights flashing with a simple UDP ping sniff. I would think I can do this with other new HP printers using Eprint functions. I will find HP web based printers that are open for public printing and test my theory that HP Eprinters are open to hacking and denyal of service attempts. My Hp print app on andriod list three in my area, and one is at my local Walmart. This would be cool to find this, as I am usually not the first to point such matters out.
I assume some are for Apple devices to print.
Here is my sniffing report:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:57 Central Daylight TimeNSE: Loaded 110 scripts for scanning.NSE: Script Pre-scanning.Initiating ARP Ping Scan at 07:57Scanning 192.168.223.1 [1 port]Completed ARP Ping Scan at 07:57, 0.23s elapsed (1 total hosts)Initiating Parallel DNS resolution of 1 host. at 07:57Completed Parallel DNS resolution of 1 host. at 07:58, 16.50s elapsedInitiating SYN Stealth Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 445/tcp on 192.168.223.1Discovered open port 139/tcp on 192.168.223.1Discovered open port 80/tcp on 192.168.223.1Discovered open port 443/tcp on 192.168.223.1Discovered open port 8080/tcp on 192.168.223.1Discovered open port 9220/tcp on 192.168.223.1Discovered open port 6839/tcp on 192.168.223.1Discovered open port 631/tcp on 192.168.223.1Discovered open port 7435/tcp on 192.168.223.1Discovered open port 8089/tcp on 192.168.223.1Discovered open port 9100/tcp on 192.168.223.1Completed SYN Stealth Scan at 07:58, 1.71s elapsed (1000 total ports)Initiating UDP Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 5353/udp on 192.168.223.1Completed UDP Scan at 07:58, 1.82s elapsed (1000 total ports)Initiating Service scan at 07:58Scanning 20 services on 192.168.223.1Discovered open port 161/udp on 192.168.223.1Discovered open|filtered port 161/udp on 192.168.223.1 is actually open
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:51 Central Daylight TimeNmap scan report for 192.168.223.1Host is up (0.0025s latency).Not shown: 93 closed portsPORT STATE SERVICE VERSION80/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)139/tcp open tcpwrapped443/tcp open ssl/http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)445/tcp open netbios-ssn631/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)8080/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)9100/tcp open jetdirect?MAC Address: A03:C1:BD:C8:34 (Unknown)Device type: printer|general purposeRunning: HP embedded, Wind River VxWorksOS CPE: cpe:/h:hp:laserjet_cm1415fnw cpe:/h:hp:laserjet_cp1525nw cpe:/h:hp:laserjet_1536dnf cpe:/o:windriver:vxworksOS details: HP LaserJet CM1415fnw, CP1525nw, or 1536dnf printer, VxWorksNetwork Distance: 1 hopService Info: Device: printer; CPE: cpe:/h:hphotosmart_7520OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 34.11 secondsOK now I am able to run a full scan on TCP ports without causing a lock up of the printer.
I found that having the printer connect to a router that has been setup to use channel 5, 6 or 7 will cause port scanning issues with the printer.
It is obvious that there are 18 ports that are seen as open, whether they are used or not. Two of which are active but have no service connected to them. Some are just dead like port 25, but over half are active enough to recieve data and lock network connectivity within the printer.
As the firmware states some other laser jets may be affected depending on how the configuration can be set.
I moved my routers channel to channel 1 as it is the only other option I have in a highly congested location. It is not as good as channel 6, but the printer seems to have channel 6 locked in for direct printing.
Here is the latest full scan with UDP enabled, it is the furthest and most complete scan I am able to complete, with UDP ports enabled. The TCP port scan has a bit more and I have placed a simple list below the information given here:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 13:27 Central Daylight Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 13:27
Scanning 192.168.1.211 [1 port]
Completed ARP Ping Scan at 13:27, 0.44s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:27
Completed Parallel DNS resolution of 1 host. at 13:27, 0.03s elapsed
Initiating SYN Stealth Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 443/tcp on 192.168.1.211
Discovered open port 80/tcp on 192.168.1.211
Discovered open port 139/tcp on 192.168.1.211
Discovered open port 8080/tcp on 192.168.1.211
Discovered open port 445/tcp on 192.168.1.211
Discovered open port 631/tcp on 192.168.1.211
Discovered open port 9100/tcp on 192.168.1.211
Discovered open port 7435/tcp on 192.168.1.211
Discovered open port 9220/tcp on 192.168.1.211
Discovered open port 6839/tcp on 192.168.1.211
Completed SYN Stealth Scan at 13:27, 5.25s elapsed (1000 total ports)
Initiating UDP Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 137/udp on 192.168.1.211
Completed UDP Scan at 13:27, 4.46s elapsed (1000 total ports)
Initiating Service scan at 13:27
Scanning 16 services on 192.168.1.211
Discovered open port 161/udp on 192.168.1.211
Discovered open|filtered port 161/udp on 192.168.1.211 is actually open
Completed Service scan at 13:29, 82.51s elapsed (17 services on 1 host)
Initiating OS detection (try #1) against 192.168.1.211
NSE: Script scanning 192.168.1.211.
Initiating NSE at 13:29
Completed NSE at 13:30, 82.29s elapsed
Nmap scan report for 192.168.1.211
Host is up (0.023s latency).
Not shown: 1983 closed ports
PORT STATE SERVICE VERSION
80/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
139/tcp open tcpwrapped
443/tcp open ssl/http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Issuer: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2014-02-25T10:12:24+00:00
| Not valid after: 2034-02-20T10:12:24+00:00
| MD5: 9144 ca3b 557e 09cc aba0 8387 2732 2375
|_SHA-1: a6b2 95c0 b72a 7201 578c 32de 662a e6fe b082 48ca
|_ssl-date: 2014-03-21T13:30:09+00:00; -4h59m12s from local time.
445/tcp open netbios-ssn
631/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
6839/tcp open tcpwrapped
7435/tcp open tcpwrapped
8080/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
9100/tcp open jetdirect?
9220/tcp open hp-gsg HP Generic Scan Gateway 1.0
137/udp open netbios-ns Samba nmbd (workgroup: HPPS7525)
138/udp open|filtered netbios-dgm
161/udp open snmp SNMPv1 server (public)
| snmp-hh3c-logins:
|_ baseoid: 1.3.6.1.4.1.25506.2.12.1.1.1
| snmp-interfaces:
| Wifi0
| IP address: 192.168.1.211 Netmask: 255.255.255.0
| MAC address: a0:d3:c1:bd:c8:32 (Unknown)
| Type: ethernetCsmacd Speed: 10 Mbps
| Status: up
|_ Traffic stats: 6.16 Mb sent, 3.43 Mb received
| snmp-netstat:
| TCP 0.0.0.0:7435 0.0.0.0:0
| TCP 192.168.1.211:56076 15.201.145.52:5222
| UDP 0.0.0.0:3702 *:*
| UDP 127.0.0.1:666 *:*
|_ UDP 192.168.223.1:67 *:*
| snmp-sysdescr: HP ETHERNET MULTI-ENVIRONMENT
|_ System uptime: 0 days, 3:34:23.28 (1286328 timeticks)
| snmp-win32-shares:
|_ baseoid: 1.3.6.1.4.1.77.1.2.27
1022/udp open|filtered exp2
1023/udp open|filtered unknown
3702/udp open|filtered ws-discovery
5355/udp open|filtered llmnr
MAC Address: A03:C1:BD:C8:32 (Unknown)
Device type: general purpose
Running: Wind River VxWorks
OS CPE: cpe:/o:windriver:vxworks
OS details: VxWorks
Uptime guess: 0.150 days (since Fri Mar 21 09:55:04 2014)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Service Info: Hosts: HPA0D3C1BDC832, HPPS7525; Device: printer; CPE: cpe:/h:hphotosmart_7520
Host script results:
| nbstat:
| NetBIOS name: HPA0D3C1BDC832, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
| Names
| HPA0D3C1BDC832<00> Flags: <unique><active><permanent>
| MSHOME<00> Flags: <group><active><permanent>
| HPA0D3C1BDC832<20> Flags: <unique><active><permanent>
| HPPS7525<00> Flags: <unique><active><permanent>
|_ HPPS7525<20> Flags: <unique><active><permanent>
| smb-security-mode:
| Account that was used for smb scripts: guest
| User-level authentication
| SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
TRACEROUTE
HOP RTT ADDRESS
1 23.26 ms 192.168.1.211
NSE: Script Post-scanning.
Read data files from: F:\Progs\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 180.90 seconds
Raw packets sent: 2030 (74.829KB) | Rcvd: 2921 (149.377KB)
+++++++++++++++++++++++++++++++++++++++++++++++++++++===
Full TCP port scan without UDP scanning of all ports, showing up as open... * designates open and active.
192.168.223.1Discovered open port 25/tcp on
*192.168.223.1Discovered open port 80/tcp on
*192.168.223.1Discovered open port 110/tcp on
*192.168.223.1Discovered open port 119/tcp on
*192.168.223.1Discovered open port 139/tcp on
192.168.223.1Discovered open port 143/tcp on
*192.168.223.1Discovered open port 443/tcp on
*192.168.223.1Discovered open port 445/tcp on
192.168.223.1Discovered open port 465/tcp on
192.168.223.1Discovered open port 563/tcp on
192.168.223.1Discovered open port 587/tcp on
*192.168.223.1Discovered open port 631/tcp on
192.168.223.1Discovered open port 993/tcp on
192.168.223.1Discovered open port 995/tcp on
*192.168.223.1Discovered open port 7435/tcp on
*192.168.223.1Discovered open port 6839/tcp on
*192.168.223.1Discovered open port 8080/tcp on
192.168.223.1Discovered open port 8089/tcp on
*192.168.223.1Discovered open port 9100/tcp on
*192.168.223.1Discovered open port 9220/tcp on -
Hi,
Just a quick clarification. We use IP SLA product with a router configured as the SA agent(with ip sla monitor responder enabled) and use our SNMP Management station (Concord) to measure/take the stats from the routers and display accordingly. However, all the SA Agents (Customer CPE) have now moved behind a 3rd party maintained firewall. I need to open up this firewall but am unsure of the direction of the traffic flow.
So, I think it uses UDP Port 1967 but can you tell me if the SNMP Concorde Station polls the SA Agents/Customer CPE with UDP port 167 as destination?
dunshaughlin_PE14_dub>sh ip sockets
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 0.0.0.0 0 10.88.79.225 1967 0 0 211 0
17 255.255.255.255 0 10.80.103.84 2067 0 0 100001 0
17 10.196.126.39 162 10.80.103.84 50646 0 0 0 0Back again, I've just been onto the Concorde support people.
They have come back to me confirming that there concorde server can communicate via Port 161 to both the SAA Source and SAA Destination. The SAA Destination where the Responder command is enabled(10.80.103.105) can ping the SAA Source(10.80.100.54). However, Concorde are insisting that I need to confirm that the SAA source and SAA Destionation SLA app are communicating with each other.
I can successfully ping between each other but the ACL 111 I have enabled on both ends is not picking anything up even though Concorde is setup to poll every 62 seconds? My access-list 111 which I am debugging is
SAA_Responder_dub#sh access-list 111
Extended IP access list 111
10 permit icmp host 10.80.100.54 host 10.88.163.225
20 permit icmp host 10.80.100.54 host 10.80.103.105
30 permit ip host 10.80.100.54 host 10.80.103.105
40 permit ip host 10.80.100.54 host 10.88.163.225
SAA_Responder_dub#
Any ideas or should I raise a TAC? -
Re-routing of SNMP traps from port 162 to port greater than 1024
Hello,
I have to re-route SNMP traps received at port 162 to some other port greater that 1024 (say 2041). There is an application which sends SNMP traps to port 162 and our application running on Windows listens for SNMP traps on port 2041, so we want
to route/forward the traps internally from port 162 to 2041.
I have been looking at the rules defined in 'Windows Firewall with advanced security' but not able to succeed. I noticed that there is a predefined rule for SNMP traps but it does not give me an option to forward the trap to another port. I tried
creating a new rule but that also does not give me an option to change the port.
Please help.Hi,
According to Technet Library:
SNMP uses the default UDP port 161 for general SNMP messages and UDP port 162 for SNMP trap messages. If these ports are being used by another protocol or service, you can change the settings by modifying the local Services file on the agent. The Services
file is located in \ % SystemRoot %\System32\Drivers\Etc
There is no file name extension. You can use any text - based editor to modify the file. The management system must also be configured to listen and send on the new ports.
Caution:
If you have previously configured IP security to encrypt SNMP messages on the default ports, you must also update the IP security policy with the new port settings. Otherwise, communication can be erroneously blocked or SNMP communications might not be secured.
You can access to the link below for this article:
http://technet.microsoft.com/en-us/library/cc959643.aspx
Roger Lu
TechNet Community Support -
Incoming and Outgoing Printer Ports
Incoming ports (UDP) are destination ports on the computer while outgoing ports (TCP) are destination ports on the HP printer.
• Incoming (UDP) ports: 137, 138, 161, 427
• Outgoing (TCP) ports: 137, 139, 427, 9100, 9220, 9500
The ports are used for the following functions:
Printing
UDP ports: 427, 137, 161
TCP port: 9100
Photo card upload
UDP ports: 137, 138, 427
TCP port: 139
Scanning
UDP port: 427
TCP ports: 9220, 9500
HP device status
UDP port: 161
Faxing
UDP port: 427
TCP port: 9220
HP device installation
UDP port: 427
Web Services Ports
UDP and TCP: 80, 443, 5222, and 5223
Bonjour Ports
UDP and TCP: 5353, 5297, and 5298
Don't forgot to say thanks by giving "Kudos" if I helped solve your problem.
When a solution is found please mark the post that solves your issue.
Every problem has a solution!If you can't find a place to set exceptions in your AVG software for the printer's IP address, try contacting either AVG support or your internet service provider. I've had customers who have received free help getting their IP address DMZed.
Don't forgot to say thanks by giving "Kudos" if I helped solve your problem.
When a solution is found please mark the post that solves your issue.
Every problem has a solution! -
I have two 2811 routers with open ports that I am told to close.
Both routers are running the same IOS version.
flash:c2800nm-advipservicesk9-mz.124-25d.bin.
These are Internet facing routers and thus we do not run IPv6 on these rotuers (yet).
My question:
Is there a way to disable the three IPv6 listening ports?
1. Port 161 and 162 should only be open for our IPv4 SNMP server(s).
2. Port 64963 is unknown
3. Port 49402 is unknown
Thanks
Frank
REMOTE-HD# sh ip sockets
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 --listen-- 172.16.21.10 2887 0 0 11 0
17 10.8.1.251 54120 172.16.21.10 161 0 0 1001 0
17 --listen-- 172.16.21.10 162 0 0 1011 0
17 --listen-- 172.16.21.10 59393 0 0 1011 0
17(v6) --listen-- --any-- 161 0 0 20001 0
17(v6) --listen-- --any-- 162 0 0 20011 0
17(v6) --listen-- --any-- 64963 0 0 20011 0
17 --listen-- 172.16.21.10 123 0 0 1 0
17 --listen-- 172.16.21.10 500 0 0 11 0
17 --listen-- 172.16.21.10 4500 0 0 11 0
17 10.8.1.9 514 172.16.21.10 51074 0 0 200 0
HQ_HD#sh ip sock
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 --listen-- 172.16.0.8 2887 0 0 11 0
17 10.8.1.11 59506 10.10.0.8 161 0 0 1001 0
17 --listen-- 172.16.0.8 162 0 0 1011 0
17 --listen-- 172.16.0.8 64265 0 0 1011 0
17(v6) --listen-- --any-- 161 0 0 20001 0
17(v6) --listen-- --any-- 162 0 0 20011 0
17(v6) --listen-- --any-- 49402 0 0 20011 0
17 --listen-- 172.16.0.8 123 0 0 1 0
17 --listen-- 172.16.0.8 500 0 0 11 0
17 --listen-- 172.16.0.8 4500 0 0 11 0
17 10.8.1.9 514 172.16.0.8 56794 0 0 200 0Here is the complete config; passwords and IP addresses etc.removed,
NO reference to IPv6 anywhere.
HQ_HD#sh ip sockets
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 --listen-- 172.16.0.8 2887 0 0 11 0
17 10.8.1.11 59503 10.10.0.8 161 0 0 1001 0
17 --listen-- 172.16.0.8 162 0 0 1011 0
17 --listen-- 172.16.0.8 64265 0 0 1011 0
17(v6) --listen-- --any-- 161 0 0 20001 0
17(v6) --listen-- --any-- 162 0 0 20011 0
17(v6) --listen-- --any-- 49402 0 0 20011 0
17 --listen-- 172.16.0.8 123 0 0 1 0
17 --listen-- 172.16.0.8 500 0 0 11 0
17 --listen-- 172.16.0.8 4500 0 0 11 0
17 10.8.1.9 514 172.16.0.8 56794 0 0 200 0
HQ_HD#term leng 0
HQ_HD#sh run
Building configuration...
Current configuration : 5464 bytes
! Last configuration change at 14:12:54 EST Wed Feb 1 2012 by XXXXXXXXXXXXXXXX
! NVRAM config last updated at 14:12:56 EST Wed Feb 1 2012 by XXXXXXXXXXXXXXXX
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname HQ_HD
boot-start-marker
boot system flash:c2800nm-advipservicesk9-mz.124-25d.bin
boot system flash:c2800nm-advipservicesk9-mz.124-25b.bin
boot-end-marker
logging buffered 4096 debugging
enable secret --removed--
aaa new-model
aaa group server tacacs+ group1
server --removed--
aaa authentication login default group group1 local line
aaa authentication enable default group tacacs+ enable
aaa accounting exec default start-stop group group1
aaa accounting commands 1 default stop-only group group1
aaa accounting commands 15 default stop-only group group1
aaa accounting connection default start-stop group group1
aaa accounting system default start-stop group group1
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
ip cef
no ip bootp server
no ip domain lookup
ip domain name --removed--
ip name-server --removed--
ip name-server --removed--
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
voice-card 0
no dspfarm
archive
log config
hidekeys
ip tcp synwait-time 10
ip ssh time-out 90
ip ssh authentication-retries 2
ip ssh source-interface Loopback0
ip ssh version 2
crypto isakmp policy 10
encr --gone--
hash --gone--
authentication --gone--
group --removed--
crypto isakmp key --gone-- address --gone--
crypto isakmp keepalive xxxxx
crypto ipsec transform-set stronger --removed-- esp-sha-hmac
crypto map vpn 20 ipsec-isakmp
set peer --removed--
set transform-set stronger
match address 110
interface Loopback0
ip address 172.16.0.8 255.255.255.255
interface FastEthernet0/0
ip address removed--
interface FastEthernet0/1
ip address --removed--
ip access-group 100 in
ip tcp adjust-mss 1460
load-interval 30
crypto map vpn
hold-queue 100 out
ip forward-protocol nd
ip route --gone--
no ip http server
no ip http secure-server
logging history informational
logging facility syslog
logging source-interface Loopback0
logging --removed--
access-list 1 remark VTY and SNMP and ssh
access-list 1 permit --removed--
access-list 1 permit --removed--
access-list 1 deny any log
access-list 100 permit esp --removed--
access-list 100 permit udp --removed--
access-list 110 permit ip --removed--
access-list 110 permit ip --removed--
snmp-server engineID --removed--
snmp-server community --removed--
snmp-server community --removed--
snmp-server enable --removed--
tacacs-server host --removed-- key --gone--
tacacs-server directed-request
control-plane
scheduler allocate 20000 1000
ntp clock-period 17208029
ntp server --gone--
ntp server --gone--
ntp server --gone--
end
HQ_HD#sh run | i v6
...blank
HQ_HD#sh run | i V6
...blank
Thanks for helping
Frank -
Firewall Ports Required for NAC manager to manage/add Cisco switch
Hi,
I am trying to add cisco switches to the NAM, however i am not able to add the switch as I am getting the error "unable to control switch" I have tried to open ports 161-162 on the firwall; if i was to allow any traffic between the NAM and switch, the cisco NAM is able to add/manage the switch.
Not sure what other ports may be required for cisco NAM to manage the switch?
Thanks.Hi,
AFAIK, only the UDP ports 161-162 for the SNMP communication need to be open.
Please make sure you have configured the correct port on the switch:
(config)# snmp-server host 172.16.1.61 traps version 2c cam_v2 udp-port 162 mac-notification snmp
If still not working i would check the logs on the firewall for any blocked traffic between the CAM and the switch.
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
Vision box opens a port - Is this safe?
Following on from this thread my hub3 had a firmware update in the early hours, it's now 4.7.5.1.83.8.94.1.11 (Type A).
Anyway, when the hub3's came out shields up reported that port 161 was open and flagged this as a bad.
After the hub firmware update port 161 is now closed, but shields up now reports the port 1024 is open.
(I don't recall port 1024 being open prior to the hub's firmware update - could someone test and let me know)
The hub's event log and some testing proves it is the BTVision box, so is this safe?
-+-No longer a forum member-+-
Solved!
Go to Solution.Interestingly nmap reports port 1024 on what I assume is my old black BTVision box, (as opposed to what I think must be the two ports inside), as being the KDE display manager...
widget@desktop:~$ nmap -PN -p 1024 192.168.1.66
Starting Nmap 5.21 ( http://nmap.org ) at 2012-12-12 10:28 GMT
Nmap scan report for Unknown-b0-89-91-f5-e5-21.home (192.168.1.66)
Host is up.
PORT STATE SERVICE
1024/tcp filtered kdm
Nmap done: 1 IP address (1 host up) scanned in 2.46 seconds
The two ports inside have port 80 open.
Having said that I've been leaving uPNP on because I play various online games, etc. and can't be bothered to sort out port forwarding for each of them. Most security concerns revolve around insecured applications and if you've got those you're in a whole WORLD of trouble anyway. In any case, opinions are divided...
http://networking.nitecruzr.net/2006/01/nat-routers-with-upnp-security-risk-or.html
http://www.howtogeek.com/122487/htg-explains-is-upnp-a-security-risk/
I haven't run windoze for a decade and a half, I don't install stuff if I don't know where it's come from, (and can preferably study the source code and recompile if I want to), so I doubt I'm in too much danger.
I did think about installing a NAT router construcyed from an old PC between the BT Vision box and the homehub just to see what is what sending and where using iptraf logging but haven't got around to it. I did have a little wireless NAT router inserted betwen them which had a log feature but never got around to studying them as the log facility on it wasn't very sophistacted, it lacked 'granularity', (love that word).
I've always told people they shouldn't rely on their routers for security so maybe I've just been listening to my own advice too long. -
Port Forwarding and Loopback with HomeHub 3B
There have been a number of threads discussing port forwarding and loopback, so I thought it might be useful to summarise my experiences. I have two HomeHub 3Bs on separate lines, one is a standard broadband line, the other is on an Infinity connection. My experience is limited to these two specific devices :-)
Port Forwarding does work but it is "temperamental" and "arcane" in the way you need to set it up. Although I have had it running perfectly, I have also had experiences where the router has refused to "accept" my changes. Tentatively, I put this down to the fact that I was running a Seagate GoFlex network drive on the network and this piece of equipment (definitely a Do Not Buy) was acting aggressively and screwing up the DDNS allocations. But ... YMMV
One definite probllem with Port Forwarding is if you attempt to specify a range of addresses. I have failed to get this to work on both my hubs. In my case I was trying to forward (say) 8021-8022 to 21-22, and the router insisted on forwarding both 8021 and 8022 to port 21. The cure is to set up each port as a separate rule within the same user-defined application.
On Loopback, I know various people have said it doesnt work, but it has always worked fine for me, at both the locations where I have a HomeHub 3B. I use a DDNS service and I can test that my port forwarding is working by opening a Command Prompt window on my PC and typing telnet mydomain.dyndns.web.com 21 or whatever. That command contacts my DDNS host to ascertain my IP address and then (attempts to) connect to port 21.
If port 21 is closed on your router (i.e. you have no port forwarding in place) you will see the message attempting to connect to mydomain.dyndns.web.com... and, after a while that will time out, with Could not open connection to the host, on port 21: Connect failed. If you do have your port forwarding set up correctly then your application will respond in some appropriate mannerr. However, you do need to understand what youre doing, because the response of an application that is expecting HTTP data is simply to do nothing! You will probably get a blank screen. If you type GET / HTTP/1.1 [note spaces] (which is not echoed to your screen, so be careful not to mistype it) you will receive a page of HTTP response data and HTML data. Thus proving that your port forwarding is working.
If you do not have any port forwarding set up at all, you can still test the loopback function by attempting to connect to port 161. This port is open on the BT routers and telnetting to it will result in a blank screen (as opposed to the attempting to connect message).
In summary: loopback works on the Home Hub 3B. Port forwarding also works to a degree but it is temperamental and does have some quirks, like not properly accepting ranges of ports. On this last point, at least, it would be helpful to get an acknowledgement from BT that this is a known fault.There have been a number of threads discussing port forwarding and loopback, so I thought it might be useful to summarise my experiences. I have two HomeHub 3Bs on separate lines, one is a standard broadband line, the other is on an Infinity connection. My experience is limited to these two specific devices :-)
Port Forwarding does work but it is "temperamental" and "arcane" in the way you need to set it up. Although I have had it running perfectly, I have also had experiences where the router has refused to "accept" my changes. Tentatively, I put this down to the fact that I was running a Seagate GoFlex network drive on the network and this piece of equipment (definitely a Do Not Buy) was acting aggressively and screwing up the DDNS allocations. But ... YMMV
One definite probllem with Port Forwarding is if you attempt to specify a range of addresses. I have failed to get this to work on both my hubs. In my case I was trying to forward (say) 8021-8022 to 21-22, and the router insisted on forwarding both 8021 and 8022 to port 21. The cure is to set up each port as a separate rule within the same user-defined application.
On Loopback, I know various people have said it doesnt work, but it has always worked fine for me, at both the locations where I have a HomeHub 3B. I use a DDNS service and I can test that my port forwarding is working by opening a Command Prompt window on my PC and typing telnet mydomain.dyndns.web.com 21 or whatever. That command contacts my DDNS host to ascertain my IP address and then (attempts to) connect to port 21.
If port 21 is closed on your router (i.e. you have no port forwarding in place) you will see the message attempting to connect to mydomain.dyndns.web.com... and, after a while that will time out, with Could not open connection to the host, on port 21: Connect failed. If you do have your port forwarding set up correctly then your application will respond in some appropriate mannerr. However, you do need to understand what youre doing, because the response of an application that is expecting HTTP data is simply to do nothing! You will probably get a blank screen. If you type GET / HTTP/1.1 [note spaces] (which is not echoed to your screen, so be careful not to mistype it) you will receive a page of HTTP response data and HTML data. Thus proving that your port forwarding is working.
If you do not have any port forwarding set up at all, you can still test the loopback function by attempting to connect to port 161. This port is open on the BT routers and telnetting to it will result in a blank screen (as opposed to the attempting to connect message).
In summary: loopback works on the Home Hub 3B. Port forwarding also works to a degree but it is temperamental and does have some quirks, like not properly accepting ranges of ports. On this last point, at least, it would be helpful to get an acknowledgement from BT that this is a known fault. -
Hello Team,
Is it possible to change the KVM Port for UCS B-Series servers?
I used WireShark to verify that KVM Access for B-Series uses the same default port as UCS C-Series (2068). I found instructions regarding changing the KVM port for C-Series. However, I could not find any documentation on changing this value for B-Series.
From the UCS CLI, i tried searching local-mgmt commands as well scoping to the system, fabric interconnects, and individual blade servers, but I still could not find anything.
Thank you,
TrevorHere's a list of externally exsposed ports used in the system:
HTTP—By default, TCP port 80
HTTPS—By default, TCP port 443
FTP—By default, TCP port 21
TFTP—By default, UDP port 69
SSH/SFTP/SCP—By default, TCP port 22
SNMP—By default, UDP port 161. 162
SMTP—By default, TCP port 25
DNS—By default, UDP port 53
IPMI—By default, UDP port 623
SoL—By default, TCP port 22
KVM—By default, TCP port 2068
There may be other internal ports used, but the user will used by the system only. If this is an important request for your customer I would suggest you go through your local Cisco account team and ask for this feature. Coming through the account team the request will have more weight.
Regards,
Robert -
IPF is not allowing port 33439 to connect
Hi,
I'm using port 161(SNMP) and 33439 port as UDP ping for cacti, I noticed a strange behavior in some servers, even in ipf I allowed those ports, 33439 is failing to connect but the same is working on other servers, if I stop the IPF I'm able to connect the port 33439. Please helpme out on this
# monitor snmp and udp ping
pass in quick proto udp from 172.22.160.110/32 to any port=161
pass in quick proto udp from 172.22.160.110/32 to any port=33439
Thanks
Niranjan- Set the Radio Band to Standard-20MHz and change the Standard channel to 11-2.462GHz under Wireless tab
- Uncheck "Filter Anonymous Internet Requests" under Security tab
- Disable Fram Brust under Advance Wireless Settings
If the above option doesn't improve the performance then,try to reflash/upgrade the router's firmware,reset the router and reconfigure it from the scratch.
Maybe you are looking for
-
How do I get my Powerbook G4 to stop looking for a PPPoE server?
I was given an old PowerBook G4 and while I am using it, a message keeps popping up. The message says, "Internet Connect. Could not find a PPPoE server." I don't know how to get this to stop. Please help me. Thanks.
-
istalling third party instruments.. i have tried to go to application support and putting them into the sampler but they are still not showing up.. can someone help me
-
WD Passport Elite Ext Drive and iMacs?
I bought a WD Passport Elite (500GB). It is a portable drive that is supposed to work with Windows and Macs. I just hooked it up tonight using the USB 2.0 it came with and plugged it into the back of my iMac (10.4.11). The icon shows up in my Finder
-
Reducing the length of my movie
I finally discovered why i couldnt upload it onto yOu tube despite the fact I THOUGHT i had trimmed the length from an hour to about 5 mins(in fact two clips left on the clips viewer).I moved all the others back onto the clips pane ,i clicked *save a
-
Communications.xml Adobe Flash CS3
Hi, I am very new on the field of flash media (streaming) server and i am just trying to follow the examples i found to the Developer center. I am using Flash CS3. One of the first things that training videos note is to import the Communications.xml