Open ports Apple Airport router
Hi there community,
I use an AirPort Time Capsule 802.11ac as router with a fibre optic 100/10 connection. My fingbox shows 6 open ports (I am not sure if it safe to write down which ports are open). Is there anything to worry or is this normal for this router to function?
Thanks to advice
Regards Erwin
Comments
-
@FingFan2012 @GadgetVirtuoso @Pooh @MDavide @kltaylor @Romulus anything to add? I definitely think it's more a complex topic than I'm able to offer full advice on, so I've asked help from a few of the experts on here.
I believe some services will also open ports on the router while in use.
There are some required opened ports by Fingbox as well.Make sure to allow Fingbox to reach any IP address on the following TCP ports: 80, 443, 4443, 5671.
In addition, the ports needed for the Internet Speed Test, provided by M-Lab include 3001, 3002, 3003.
Community Manager at Fing
1 -
Without any details it's hard to reply. The OP doesn't list any specifics as to if they're running anything inside their network that requires port forwarding.
As a rule there should be any open ports to the outside listed unless you've purposely set them, or are at least aware.
What port numbers does it list, @ErnieBernie? At a guess they may be UPNP type ports.People say nothing is impossible, but I do nothing every day.1 -
Thanks for the replies
Above a list with the open ports. I have not set anything myself so this must be either done by the Airport router or the Fingbox1 -
@ErnieBernie Hi!,
You received this alert doing a review of ports manually or the Fingbox have alert you by it self?
Are those ports open in the router? (you can have open ports on any device on your network)
I am asking to be sure, because some of those ports are more likely to be open ports on a Windows machine... (unless your router have some services enabled, like file server).
The question here should be identify if those ports are open for outside your local network (accessible from internet, pointing to your "public" IP). If they are not, then maybe there is no problem.
Question to Fing Support could be: Now than I know there are open ports in my network, accessible internal or external (witch ever the case), and I accept the risk involved on it: How can I do to just don't get the alert Fingbox send? (to reduce the notification spam one use to get).Keep looking up!1 -
I did a manual search in Fingbox. Indeed an important detail is that we have 2 iMacs and 2 Windows PC's in the network. One of the pc's is mainly used for gaming online.
Fingbox alerts for open ports after manual search but it doesn't give any suggestions on how to deal with open ports or when it's dangerous. Therefore with this community being online I saw my chance to find out.
1 -
@ErnieBernie That looks like a screen grab of the "Find open ports" screen for a single device on your internal network, apparently a windows PC. That doesn't look like the way the Fingbox reports open ports it's found (on the outside).
To see those in the app you go to "Network" at the bottom of the screen and in the "Protection" section click on "Vulnerability Test". You should see any open ports there.
1 -
I have a Time Capsule as router in my home network. I got alerts just a couple of times for upnp services of my surveillance cameras.
I checked if I needed them... The answer was no and I killed the service :-)
I am not sure whether the TC lets you customise such kind of settings, I'll check.
Davide1 -
You are absolutely right. Thanks for guiding me. I did the Vulnerability Test now and got the following 3 open ports. All ok you think?
1 -
@ErnieBernie - unless you're acutely aware of needing those open I'd shut them down instantly. Those are some dangerous ports to leave open if they resolve to a particular host - especially an unpatch Windows PC.People say nothing is impossible, but I do nothing every day.
3 -
Ok great. I guess I don't need them. I have never opened anything. How do I close them? Could you please guide me through this on how to do this in my Apple TM.
1 -
@ErnieBernie searching around there are tons of guides.
This is the first I found which looks quite complete (@VioletChepil I hope I am not violating community's rules):
https://www.appleroutersetup.com/how-to-setup-port-forwarding-on-apple-router/
Note that port forwarding/UPnP could also be be managed by your modem "above" the TC if the NAT is managed by the modem and not by the TC. The first thing you should check is if the TC is set up in DHCP or DHCP+NAT mode, then if it is the case, follow the guide above.
Otherwise you should go into the modem's setup.
Cheers,
Davide
2 -
Those ports are perfectly acceptable being open on your Time Capsule. Most are required for it to do what it does. Some are specific for your windows computers to access it as a windows share others are for your Apple devices to access and configure the device. It looks like you are on the same internal network as the Time Capsule here.
The real danger is if these ports are open through your router using port forwarding where you run the risk of anyone on the internet poking around your time capsule data.
Check with your Router Manufacturer’s website or manual to take a look and verify these ports are blocked inbound from outside of your network.
1 -
This is normal operation for the TimeCapsule as these open ports are open on the LAN side of your device not externally. If you open Airport Utility, select edit on the TimeCapsule or Airport Basestation, then go to Network. The ports listed under port settings are the ports that are open on the WAN side of the device. Unless you've added an entry here you likely don't have any listed.Additionally as a security precaution it is recommended to turn off UPNP. When you turn off this feature you may find that you will need to add ports. The reason UPNP is dangerous is that its too easy for a compromised device to simply trigger a need for an open port thereby compromising your network even further.
3 -
Thank you all for your comments. Since I have no access to the Fiber Optic modem I will concentrate on the TM router. With help of the TM guides I'm sure I will get further. Thanks again1
Categories
- 4.9K All Categories
- 2.6K Ask about Connected Technology
- How To...
- 931 Devices & Security
- 1.5K Network Troubleshooting & Connectivity
- 100 General Discussion, Weird & Wonderful
- 37 Network Infrastructure
- 4.5K Ask about Fing
- 409 Fing Account Change Request
- 883 Fing Desktop
- 1.1K Fing App
- 1.5K Fingbox
- 467 Announcements, Beta Testing & Release Notes
- 147 Community Updates
- 19 Getting started
- 11 Community User Guides