Welcome to the community! Read our posting tips, and learn how to earn ranks, levels and badges to get started.

Ask any devices or smart home question in the Devices/Security or Network Troubleshooting Categories.


Happy posting!

12346 open port

DougDoug Posts: 3Member
Name Dropper First Comment
edited January 11 in Devices & Security
I bought Tenda branded powerline adapters to get a wired connection to a new PC. Running a Fing scan I've found that there is an open port, 12346 Netbus backdoor trojan. This sounds worrying - is it?
Tagged:

Best Answers

Answers

  • MarcMarc Posts: 602Moderator, Beta Tester
    500 Comments 250 Likes 25 Answers 100 Agrees
    ✭✭✭✭✭
    edited January 11
    @Doug on the surface this is worrying.  I can't find any relationship between the port and tenda as a default configuration.  And as far as that port is concerned, lots of Trojans using it etc..  You could try to reset the power line adapter to factory defaults and refresh it or you could just return it if it's not too late.  Another avenue to pursue is to call the adapters support line and see what they say.  Regardless, I would avoid using it till this is cleared up.  The rest of the folks on Fing, care to chime in?  @rooted , @kltaylor thoughts?

    Thats Daphnee, she's a good dog...
  • rootedrooted Gulf Coast, USPosts: 315Moderator
    25 Answers 100 Comments 25 Likes Member of the Month
    ✭✭✭

    I would contact Tenda and ask them about the open port and what it's for.

    https://www.tendacn.com/us/service/page/technicalsupport.html

    Have you scanned your network externally?

    Ciaran
  • DougDoug Posts: 3Member
    Name Dropper First Comment
    Thanks for quick responses. I've removed the powerline adapters and still have the same open port - rooky error of spotting the port on the same day I installed the adapters (sorry Tenda).
    I'm now progressively powering down other connected devices but have not got to the bottom of it yet. It's showing up as Node-9EBFE9 on my router manager and Fing identifies the manufacturer as Espressif. My router manager won't let me delete it but I have stopped it from connecting to the internet until I figure out what is going on.
    rooted
  • DougDoug Posts: 3Member
    Name Dropper First Comment
    Thanks @rooted. It is a Cololight Pro-Smart LED panel light that is the source. I've unplugged it and now need to figure out if it is a risk before doing anything else.
  • rootedrooted Gulf Coast, USPosts: 315Moderator
    25 Answers 100 Comments 25 Likes Member of the Month
    ✭✭✭

    You're welcome, if my post answered your question you can select the option underneath the post.

    Ciaran
  • rootedrooted Gulf Coast, USPosts: 315Moderator
    25 Answers 100 Comments 25 Likes Member of the Month
    ✭✭✭

    Your duckduckgo-fu is better than mine.

  • MarcMarc Posts: 602Moderator, Beta Tester
    500 Comments 250 Likes 25 Answers 100 Agrees
    ✭✭✭✭✭
    rooted said:

    Your duckduckgo-fu is better than mine.

       ;)
    Thats Daphnee, she's a good dog...
  • kltaylorkltaylor Posts: 671Moderator, Beta Tester
    500 Likes 500 Comments 100 Agrees 25 Awesomes
    ✭✭✭✭✭
    I honestly think @Doug, that you're moving in the right direction.  Shut down anything that's connecting to your network until you find the culprit. If this were me, even with this being a possible false-positive, I would still eliminate it from my network and open a dialog with the manufacturer of said device.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
Sign In or Register to comment.