UPnP ports still being detected after disabling UPnP on modem/router

ThAn80752
ThAn80752 Member Posts: 8
Second Anniversary Name Dropper First Comment Photogenic
edited December 2, 2020 in Devices & Security #1
Hello, I'm not sure why a port scan is still detecting an open port after shutting it off on my modem/router. Any assistance or feedback would be greatly appreciated.

Answers

  • Robin_Ex_Fing
    Robin_Ex_Fing Member Posts: 5,293
    5000 Comments 250 Answers 500 Likes 100 Awesomes
    ✭✭✭✭✭✭✭
    Hi @ThAn80752
    After disabling UPnp on router, have you rebooted the router and after that run the scan and see if the same results are displayed? 
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
    ThAn80752
  • ThAn80752
    ThAn80752 Member Posts: 8
    Second Anniversary Name Dropper First Comment Photogenic

    Hello Robin, thank you for your feedback. After disabling UPnP on the router, rebooting the router and running the scan, the results persist; the open port is still being detected.

  • Robin_Ex_Fing
    Robin_Ex_Fing Member Posts: 5,293
    5000 Comments 250 Answers 500 Likes 100 Awesomes
    ✭✭✭✭✭✭✭
    ThAn80752 said:

    Hello Robin, thank you for your feedback. After disabling UPnP on the router, rebooting the router and running the scan, the results persist; the open port is still being detected.

    Can you check with some other tools if the results matches with Fing app or not? Can you check with your ISP as well if the ports are open from their side or not?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • ThAn80752
    ThAn80752 Member Posts: 8
    Second Anniversary Name Dropper First Comment Photogenic
    I'm not sure I understand the first part of that response; I can check with my ISP, however.
  • SpiggyG
    SpiggyG Member Posts: 12
    10 Comments First Anniversary Photogenic
    Fing shows this report saying my IP address can be probed.
    I ran the GRC Shields Up test and it says no ports responded.



  • Bearded
    Bearded Member Posts: 8
    First Comment
    Has this been solved as I ran into the very same problem!
  • Robin_Ex_Fing
    Robin_Ex_Fing Member Posts: 5,293
    5000 Comments 250 Answers 500 Likes 100 Awesomes
    ✭✭✭✭✭✭✭
    Bearded said:
    Has this been solved as I ran into the very same problem!
    Can you share screenshot of the issue? Can you check with some other tools if the results matches with Fing app or not? Can you check with your ISP as well if the ports are open from their side or not?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • Shooter
    Shooter Member Posts: 81
    Second Anniversary 25 Agrees 25 Likes 10 Comments
    ✭✭✭
    Hi Robin, 

    Since this same issue has persisted with my FingBox ever since the app was updated to include this latest Router Vulnerability screen, I'll provide a screenshot for you. As you asked "Bearded", I accessed my router's web interface to confirm that the router's UPnP setting remains disabled, and various port scan websites confirm no open ports. So my FingBox & Fing app remain somewhat in conflict with my router.

    As with other non-critical, but conflicting information generated by the app, I simply disregard these conflicts since they're not in sync with my router. 


    being generated by the app. 
  • Bearded
    Bearded Member Posts: 8
    First Comment


    ShieldsUp also shows no problem.

    Whilst I do get a warning:



    I have 2 full independent networks here at home, different providers & hardware. One router with the problem as show above and one router without a problem, see below.

    My conclusion for now is that the vulnerability check is not 100% accurate?
  • Shooter
    Shooter Member Posts: 81
    Second Anniversary 25 Agrees 25 Likes 10 Comments
    ✭✭✭
    Is Fing trying to make some kind of point about this "Issue" since my comment?

    Because as of 2:57am EST (U.S.A.), my FingBox's blinking Blue LED alert was activated. When I checked the alert on the app, it showed: 1) an Internet Outage of 1 minute, and 2) a new WPS Access Point joined my network.

    (BTW, after more than a year since the huge server outage issue began to create chaos for FingBox owners around the world, I'm still experiencing outages on a regular basis. Obviously, nothing was ever "really" fixed.)

    When I checked the app's Security tab, I found 2 more issues: 1) the "Auto Block New Devices" was deactivated, and 2) the "Router Vulnerability" feature was, considering the nature of my previous post, mysteriously and curiously also deactivated. It is now showing that this feature now requires a "Premium Subscription". WTF, not this again! Am I being punished again for attempting to help out another member with the information I posted? Robin, please reinstate this FingBox feature! 

    Worst of all, the app now indicates that my WiFi network is possibly no longer being protected by my FingBox's security features!!! It appears that my network is no longer under my ISP-provided router's control and its firewall protection. Instead, my network's Device List shows that a completely different MAC Address has control. An independent MAC lookup of that device indicates that it doesn't belongs to a legitimate device manufacturer. If it's some sort of anonymized MAC, I admit having never seen one that is completely different from the actual MAC, as usually only a character or two is changed.

    Additionally, a Digital Fence scan of only Access Points shows a list of 4 different MAC addresses, as opposed to the single MAC that it should. The list includes my router's actual MAC, two derivatives of that MAC, and the last one being the mysterious, completely new MAC that tripped the FingBox alert at 2:57am.

    Come on Fing, what the hell's going on! Robin, please contact me via email. Thanks!