My ping vulnerability test shows service ipcam-h264, service port TUP 81 configured by UPnp,

rgatlinrgatlin Member Posts: 3
Photogenic First Comment
edited October 2019 in Fingbox
I get an open service port TCP 81 with a port service name of "ipcam-h264" when the Fing ios app Vulnerability test is run. The ip address of the device with the open port is not in my device list or in device history.  How can I figure out what device is presenting an open port TCP 81 when the ip address is not listed in my device list.  There is no mac address of the device with the open port just the internal ip on my network. 
VioletChepil

Answers

  • rgatlinrgatlin Member Posts: 3
    Photogenic First Comment
    I left out that in the open port detail it says that its reachable from  " public internet".   Also is says configured via "UPnp" 

    VioletChepil
  • CrowgrandfatherCrowgrandfather Member, Beta Tester Posts: 69
    5 Answers 25 Likes 10 Comments First Anniversary
    ✭✭✭

    So first off I'd highly recommend running a shields up test to make sure your UPnP isn't exposed to the internet. https://www.grc.com/x/ne.dll?rh1dkyd2

    UPnP is a useful tool, but it's fundamentally flawed and in today's day and age serves almost no function. It should never be exposed to the internet.


    Next take a look at CentralOps and run a service scan to verify what you're seeing. https://centralops.net/co/


    See if port 81 is actually open or not. Unfortunately FingBox doesn't report the Mac address of devices that open ports. Unfortunately there's notuch you can do asides from turn off UPnP and close the port.

    VioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Hey @Pooh anything to add in here?
    I'm not familiar with this one. 

    Community Manager at Fing

  • rgatlinrgatlin Member Posts: 3
    Photogenic First Comment
    Thanks Crow, Since I couldn't figure out which of my devices had the open tcp 81 port I let the fing app try and close the port.  I guess that worked.   I can run the  Fing app Vulnerability test with no problems found.   I did go to Gibson research and run a port scan with no ports open.  Sure would be nice if my Fing box could identify which device had the open port.  Its strange that it does list an IP address but that address is not in the device list or my router ip list.  Thanks again

    VioletChepil
  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    @rgatlin - open ports are configured at the router and it then forwards traffic to an internal device. The Fingbox is doing a port scan of your external IP address to see what's replying. However only your router knows where that forwarding goes to. There's no easy way for the Fingbox to know this. Especially given that you can have different ports, depending on the router - e.g. it's quite possible to have port 65000 exposed externally that actually goes to a service running on port 32768 on the device itself, so it's nor like the Fingbox can try to map ports.

    All consumer devices are NATted behind an External IP address. For example, your external IP might be 175.15.44.58 (totally random example). but all your internal devices could be using a 192.168/16 addresses (e.g. 192.168.1.15) - again this is known only by your router.
    People say nothing is impossible, but I do nothing every day.
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Thanks @rgatlin glad its been sorted and thanks a lot @Crowgrandfather
    @rgatlin you can send out some likes to say thanks for the help and also choose a best answer: (Did this answer the question? Yes/No) will let you choose the best answers.
    As for new feature requests, you can submit those over here: https://community.fing.com/categories/fingbox-feature-requests

    Community Manager at Fing

Sign In or Register to comment.