Welcome to the community! Read our posting tips, and learn how to earn ranks, levels and badges to get started.
Ask any devices or smart home question in the Devices/Security or Network Troubleshooting Categories.
Happy posting!
Ask any devices or smart home question in the Devices/Security or Network Troubleshooting Categories.
Happy posting!
Open ports Apple Airport router
ErnieBernie
Member Posts: 21
Hi there community,
I use an AirPort Time Capsule 802.11ac as router with a fibre optic 100/10 connection. My fingbox shows 6 open ports (I am not sure if it safe to write down which ports are open). Is there anything to worry or is this normal for this router to function?
Thanks to advice
Regards Erwin
0
Comments
I believe some services will also open ports on the router while in use.
There are some required opened ports by Fingbox as well.
Make sure to allow Fingbox to reach any IP address on the following TCP ports: 80, 443, 4443, 5671.
In addition, the ports needed for the Internet Speed Test, provided by M-Lab include 3001, 3002, 3003.
Community Manager at Fing
As a rule there should be any open ports to the outside listed unless you've purposely set them, or are at least aware.
What port numbers does it list, @ErnieBernie? At a guess they may be UPNP type ports.
Thanks for the replies
Above a list with the open ports. I have not set anything myself so this must be either done by the Airport router or the Fingbox
You received this alert doing a review of ports manually or the Fingbox have alert you by it self?
Are those ports open in the router? (you can have open ports on any device on your network)
I am asking to be sure, because some of those ports are more likely to be open ports on a Windows machine... (unless your router have some services enabled, like file server).
The question here should be identify if those ports are open for outside your local network (accessible from internet, pointing to your "public" IP). If they are not, then maybe there is no problem.
Question to Fing Support could be: Now than I know there are open ports in my network, accessible internal or external (witch ever the case), and I accept the risk involved on it: How can I do to just don't get the alert Fingbox send? (to reduce the notification spam one use to get).
I did a manual search in Fingbox. Indeed an important detail is that we have 2 iMacs and 2 Windows PC's in the network. One of the pc's is mainly used for gaming online.
Fingbox alerts for open ports after manual search but it doesn't give any suggestions on how to deal with open ports or when it's dangerous. Therefore with this community being online I saw my chance to find out.
To see those in the app you go to "Network" at the bottom of the screen and in the "Protection" section click on "Vulnerability Test". You should see any open ports there.
I have a Time Capsule as router in my home network. I got alerts just a couple of times for upnp services of my surveillance cameras.
I checked if I needed them... The answer was no and I killed the service :-)
I am not sure whether the TC lets you customise such kind of settings, I'll check.
You are absolutely right. Thanks for guiding me. I did the Vulnerability Test now and got the following 3 open ports. All ok you think?
Ok you have port forwarding enabled.
I don't.
Do you need it?
Ok great. I guess I don't need them. I have never opened anything. How do I close them? Could you please guide me through this on how to do this in my Apple TM.
@ErnieBernie searching around there are tons of guides.
This is the first I found which looks quite complete (@VioletChepil I hope I am not violating community's rules):
https://www.appleroutersetup.com/how-to-setup-port-forwarding-on-apple-router/
Note that port forwarding/UPnP could also be be managed by your modem "above" the TC if the NAT is managed by the modem and not by the TC. The first thing you should check is if the TC is set up in DHCP or DHCP+NAT mode, then if it is the case, follow the guide above.
Otherwise you should go into the modem's setup.
Cheers,
Those ports are perfectly acceptable being open on your Time Capsule. Most are required for it to do what it does. Some are specific for your windows computers to access it as a windows share others are for your Apple devices to access and configure the device. It looks like you are on the same internal network as the Time Capsule here.
The real danger is if these ports are open through your router using port forwarding where you run the risk of anyone on the internet poking around your time capsule data.
Check with your Router Manufacturer’s website or manual to take a look and verify these ports are blocked inbound from outside of your network.