• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

UDP Port 53 Open

Firewalling
3
7
1.3k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    anemos
    last edited by Oct 20, 2017, 6:51 PM

    Hey guys,

    I performed a nmap scan on my public IP and it says that port 53 is open. Could someone explain me how could that be possible w/t any rules on the wan interface other than the defaults?
    I really cant understand this.

    1 Reply Last reply Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator
      last edited by Oct 20, 2017, 6:54 PM

      What do you have in front of pfsense.  You actually scanned from outside your network?  Or did you run nmap from inside your network to your public IP?

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      1 Reply Last reply Reply Quote 0
      • A
        anemos
        last edited by Oct 20, 2017, 7:02 PM

        I am scanning outside network. In front of PfSense is just my ISP.

        1 Reply Last reply Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator
          last edited by Oct 20, 2017, 7:13 PM

          When you do your scan from outside.. Sniff on pfsense wan, does it even see the 53 inbound.. Its quite possible for your ISP to be intercepting that traffic.  Post up your wan rules and floating rules.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • A
            anemos
            last edited by Oct 20, 2017, 8:04 PM

            Block private networks
            Block bogon networks
            Allow ipv4 udp port from voip provider address to voip vlan

            No floating rules

            Will scan with capturing on

            1 Reply Last reply Reply Quote 0
            • K
              kpa
              last edited by Oct 20, 2017, 8:33 PM Oct 20, 2017, 8:04 PM

              Test with a real DNS query to your pfSense system's port 53 using the dig command for example. In case of UDP nmap will just tell you that it succesfully sent data to UDP port 53 but doesn't care if a reply came back or not. UDP is stateless and connectionless and you can't do a proper UDP port scan unless you know the application protocol details and use proper tools.

              1 Reply Last reply Reply Quote 0
              • J
                johnpoz LAYER 8 Global Moderator
                last edited by Oct 21, 2017, 7:56 AM

                That is a very valid port… UDP scans are not very accurate..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                1 Reply Last reply Reply Quote 0
                1 out of 7
                • First post
                  1/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.