12346 open port

DougDoug Member Posts: 3
Name Dropper First Comment
edited January 11 in Devices & Security
I bought Tenda branded powerline adapters to get a wired connection to a new PC. Running a Fing scan I've found that there is an open port, 12346 Netbus backdoor trojan. This sounds worrying - is it?

Best Answers

Answers

  • MarcMarc Moderator, Beta Tester Posts: 1,350
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    edited January 11
    @Doug on the surface this is worrying.  I can't find any relationship between the port and tenda as a default configuration.  And as far as that port is concerned, lots of Trojans using it etc..  You could try to reset the power line adapter to factory defaults and refresh it or you could just return it if it's not too late.  Another avenue to pursue is to call the adapters support line and see what they say.  Regardless, I would avoid using it till this is cleared up.  The rest of the folks on Fing, care to chime in?  @rooted , @kltaylor thoughts?

    Thats Daphnee, she's a good dog...
  • rootedrooted Gulf Coast, USModerator Posts: 739
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    I would contact Tenda and ask them about the open port and what it's for.

    Have you scanned your network externally?

    Ciaran
  • DougDoug Member Posts: 3
    Name Dropper First Comment
    Thanks for quick responses. I've removed the powerline adapters and still have the same open port - rooky error of spotting the port on the same day I installed the adapters (sorry Tenda).
    I'm now progressively powering down other connected devices but have not got to the bottom of it yet. It's showing up as Node-9EBFE9 on my router manager and Fing identifies the manufacturer as Espressif. My router manager won't let me delete it but I have stopped it from connecting to the internet until I figure out what is going on.
    rooted
  • DougDoug Member Posts: 3
    Name Dropper First Comment
    Thanks @rooted. It is a Cololight Pro-Smart LED panel light that is the source. I've unplugged it and now need to figure out if it is a risk before doing anything else.
  • rootedrooted Gulf Coast, USModerator Posts: 739
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    You're welcome, if my post answered your question you can select the option underneath the post.

    Ciaran
  • rootedrooted Gulf Coast, USModerator Posts: 739
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    Your duckduckgo-fu is better than mine.

  • MarcMarc Moderator, Beta Tester Posts: 1,350
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    rooted said:

    Your duckduckgo-fu is better than mine.

       ;)
    Thats Daphnee, she's a good dog...
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,191
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    I honestly think @Doug, that you're moving in the right direction.  Shut down anything that's connecting to your network until you find the culprit. If this were me, even with this being a possible false-positive, I would still eliminate it from my network and open a dialog with the manufacturer of said device.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
Sign In or Register to comment.