Community Forum

Open ports on LAN-side of Arris T1682G

Highlighted
New Poster

Open ports on LAN-side of Arris T1682G

A LAN-side scan of my Arris T1682G shows ten open or filtered ports.  Should there be this many?  Anyone have insight into what the ports > 443 are?  Nmap results below.

 

nmap -p- 192.168.1.1

Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-14 16:33 PDT

Nmap scan report for 192.168.1.1

Host is up (0.0020s latency).

Not shown: 65525 closed ports

PORT      STATE    SERVICE

22/tcp    filtered ssh

23/tcp    filtered telnet

53/tcp    open     domain

80/tcp    open     http

443/tcp   open     https

2601/tcp  open     zebra

7547/tcp  filtered cwmp

49152/tcp open     unknown

51515/tcp open     unknown

58081/tcp open     unknown

New Poster

Re: Open ports on LAN-side of Arris T1682G

Look like port forwarding setup for a game console or some other device that requires specific ports to be open.

Expert

Re: Open ports on LAN-side of Arris T1682G

Zebra (TCP 2601) is an older networking protocol that tells devices where to go on yout network. TCP 7547 is the CWMP (CPE WAN Management Protocol) , which is an autoconfiguration protocol for remote devices via a WAN link. Those two are most likely from Comcast, i.e. the gateway.. 

 

The last three are dynamic TCP ports, which I suspect are from Windows computers on your network. 

 

SInce they're on the LAN side, and not the WAN, they're internal to your network, and quite normal, so I wouldn't be worried about them. 


Comcast Experts are other customers who volunteer their time helping on the forum and have been recognized by the community. For more information on the Expert Program, please click here.
Unless so specifically stated, my opinions written herein are my own and do not necessarily reflect the views of Comcast, its official employees or affiliates.
New Poster

Re: Open ports on LAN-side of Arris T1682G

Fun fact, port 51515 is something that's on the Comcast modem, looks like it has to do with their built in wifi control/status. Nothing you can do about it, and they don't want to fix it either. Looks like it has some decent vulnerabilities as well ;-) PHP Vulnerabilities (High, Medium)

Silver Problem Solver

Re: Open ports on LAN-side of Arris T1682G


@mattgphoto wrote:

Fun fact, port 51515 is something that's on the Comcast modem, looks like it has to do with their built in wifi control/status. Nothing you can do about it, and they don't want to fix it either. Looks like it has some decent vulnerabilities as well ;-) PHP Vulnerabilities (High, Medium)


Just an FYI; my XB6 shows that port as closed using the ShieldsUp! probe.

https://www.grc.com/x/portprobe=51515


I am not a Comcast employee; I am just a customer, volunteering my time to help other customers here in the Forums.
Expert

Re: Open ports on LAN-side of Arris T1682G


@mattgphoto wrote:

Fun fact, port 51515 is something that's on the Comcast modem, looks like it has to do with their built in wifi control/status. Nothing you can do about it, and they don't want to fix it either. Looks like it has some decent vulnerabilities as well ;-) PHP Vulnerabilities (High, Medium)


Yeah, I highly doubtful that.

Considering the thread is over 90 days old and OP hasn't bothered to respond, this thread is closed. 


Comcast Experts are other customers who volunteer their time helping on the forum and have been recognized by the community. For more information on the Expert Program, please click here.
Unless so specifically stated, my opinions written herein are my own and do not necessarily reflect the views of Comcast, its official employees or affiliates.