Doom port 666 open on pfsense?
-
Hi everyone,
I nmapped my pfsense box for the first time today via WAN, and this came up:
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
666/tcp open doom <–------------ :-\tcp port 666 (reference to the video game "doom") is opened ?
That port is also used by many trojans...so I've read? -
All WAN side ports on pfSense default as closed. Or actually wont respond to connection attempts. If you are seeing different you either have opened the port(s), or have a device upstream that is actually listening and responding. Do you have upnp activated on your box?
Go over to grc.com and do the tests from there and see if they agree with your other findings.
-
Device upstream was a strong assumption, and most likely what happened, but I wanted to clarify the 666 port question too.
Thank you
-
Almost certainly upstream of you, or wrong. You'd have to configure something on port 666, or a port forward, for that to be the case. Nothing in the system will bind to 666, though a variety of services can be configured on any port you want.
-
Are you using UPnP or NAT-PMP?
-
-
Some of my devices might have used upnp.
Just because your devices use upnp does not mean the router will allow it unless you have activated it. pfSense upnp is not allowed by default.
-
It's probably a package like darkstat that you installed. It wouldn't be open to the WAN unless your WAN rules were overly permissive.