Scanning my public IP address with Nmap finds TCP port 1720 open, is this a security concern?
I managed to solve this somewhat by port forwarding both of those open ports on my local network to non-existent ip and to port 9 (Discard Protocol).
This made the port 7547 closed. But the port 1720 still allows telnet connection from the outside world.
I still wonder if these is any way to get this port closed as well.
UPDATE: After dealing with Zyxel customer support it appears that there is no fix for this. Problem is probably caused bug in the firmware.
Related videos on Youtube
06 : 44
![Find Network Vulnerabilities with Nmap Scripts [Tutorial]](https://i.ytimg.com/vi/3U1pJ-eJrAU/hq720.jpg?sqp=-oaymwEXCNAFEJQDSFryq4qpAwkIARUAAIhCGAE=&rs=AOn4CLCx-RgKKzXlv3DRWeI2BYv-HACYCg)
07 : 53
46 : 25
06 : 57
02 : 16
06 : 52
Comments
-
Madoc Comadrin over 1 year
When scanning my public ip address with
NmapI found out that I have open port on1720/TCP. According Nmap service on it isH.323/Q.931. Researching uses of this port also brings up Microsoft Netmeeting.I did the scan from outside, not from my own network.
My router/modem is
ZyXEL P-660HN-T1A, ADSL2+. The modem is in routing state and devices behind it are usingNAT. Devices behind the modem are Windows 7 computer that was turned off during the scan and Linux server that is listening only on22/SSH. On the settings of the modem port forwarding active only for the SSH port. As far as I can see from the settings, there is no remote management allowed fromWAN.So why does port
1720appear open on Nmap scan? Is this some feature of the modem or could this mean some kind of security breach?EDIT: I did the same from my home computer to my public IP. From this point of view the port 1720 is not open. Does that tell something?
EDIT2: From the settings I found out that UPnP was enable for LAN only. I don't have any VOIP services. I am not aware of my ISP managing my device. (They did not provide the device.)
EDIT3: Telneting my public ip and port
1720from the outside connects:Connected to <my ip> Escape character is '^]' <giving any input> Connection closed by foreign host.EDIT4: More scanning revealed that I also had port
7547open (Allegro RomPager according to Nmap). It even provided html page accessed from the internet. -
Madoc Comadrin over 8 yearsFrom the settings I found out that UPnP was enable for LAN only. I don't have any VOIP services. I am not aware of my ISP managing my device. (They did not provide the device.)
-
jaredad7 almost 3 yearsI was running into a similar issue so I scanned some very common sites (google, fb, twitter, etc) for that one port in particular to get a baseline. For some, I saw nmap return that they were open on 1720, for others, that the port was filtered. Would you expect to see this behavior if the issue is what you described above? I know this is an old question, but I haven't found much else online about this.