Open ports are ports that are reachable by devices outside your network. They provide a way into your network for anyone, including potentially malicious actors. This is a vulnerability, so you should have as few of them as possible.
There are two open port lists.
- Ports detected using UPnP protocol. These are opened by another device via the UPnP protocol. If you tap into it, Firewalla will provide details. If you do not need them, you can block them.
- Ports detected through an external scan. These ports are very likely opened by you using port mapping on the router (or by the router). If you do not know why these ports are open, please check your router's ‘port mapping’ settings.
External scan results may be limited due to filtering done by ISPs. The external scan is done by another Firewalla server in the cloud. This server may do either a deep scan or a shallow scan. In a shallow scan, it will only scan the well-known ports such as SSH, HTTPS, and HTTP. (Which scan is used depends on the ISP and on the state of the server doing the scan; we are doing our best to keep that server from being blacklisted.)
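One way to reconcile the two lists when reviewing them, as an added example (not Firewalla's code). The names `UpnpMapping`, `triage` and `SHALLOW_PORTS` are hypothetical. The shallow-scan port set and the TCP-only scan are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass

# Assumptions (not from the page): the shallow scan covers exactly these
# ports, and the external scan reports TCP ports only.
SHALLOW_PORTS = {22, 80, 443}

@dataclass(frozen=True)
class UpnpMapping:
    ext_port: int
    proto: str   # "tcp" or "udp"
    target: str  # internal host:port the router forwards to
    desc: str    # description supplied by the requesting device

def triage(upnp, scan_open, scan_mode):
    """Return {(port, proto): (verdict, detail)} for both lists combined.
    scan_open: TCP ports the external scan found open; scan_mode: "shallow" or "deep".
    """
    result, mapped_tcp = {}, set()
    for m in upnp:
        detail = f"{m.desc} -> {m.target}"
        is_tcp = m.proto == "tcp"
        if is_tcp:
            mapped_tcp.add(m.ext_port)
        probed = is_tcp and (scan_mode == "deep" or m.ext_port in SHALLOW_PORTS)
        if is_tcp and m.ext_port in scan_open:
            verdict = "upnp-exposed"      # mapped and reachable from outside
        elif probed:
            verdict = "upnp-not-seen"     # probed, but closed or ISP-filtered
        else:
            verdict = "upnp-unverified"   # never probed; absence proves nothing
        result[(m.ext_port, m.proto)] = (verdict, detail)
    for port in sorted(scan_open - mapped_tcp):
        # Reachable with no UPnP mapping: likely a port mapping on the router.
        result[(port, "tcp")] = ("manual-forward", "check router port mapping")
    return result

# Constructed sample data, not output from a real device.
SAMPLE_UPNP = [
    UpnpMapping(443, "tcp", "192.168.1.20:443", "NAS web UI"),
    UpnpMapping(32400, "tcp", "192.168.1.30:32400", "media server"),
    UpnpMapping(3074, "udp", "192.168.1.40:3074", "game console"),
]
SAMPLE_SCAN = {22, 443}

if __name__ == "__main__":
    for key, val in sorted(triage(SAMPLE_UPNP, SAMPLE_SCAN, "shallow").items()):
        print(key, *val)
```

A UPnP mapping that the scan did not list is not proof the port is closed: with a shallow scan or ISP filtering it may simply never have been probed.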
Learn more about how to handle Open Port alarms.
Reference on port numbers:
Comments
2 comments
Is there a way to force a deep scan?
No, otherwise our server will likely get blacklisted...