Ports showing open
-
pfsense 1.2 Live RC1
This may have been added to help elude attackers?
I have noticed when doing a port scan that a lot of ports are open. I know in earlier versions the WAN port was firewalled unless you specifically enable a port.
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
40/tcp open unknown
42/tcp open nameserver
43/tcp open whois
70/tcp open gopher
79/tcp closed finger
80/tcp open http
81/tcp open hosts2-ns
82/tcp open xfer
83/tcp open mit-ml-dev
109/tcp open pop2
110/tcp open pop3
113/tcp open auth
119/tcp open nntp
389/tcp open ldap
443/tcp open https
554/tcp open rtsp
709/tcp open entrustmanager
829/tcp open unknown
990/tcp open ftps
1030/tcp open iad1
1058/tcp open nim
1059/tcp open nimreg
1067/tcp open instl_boots
1068/tcp open instl_bootc
1076/tcp open sns_credit
1080/tcp open socks
1083/tcp open ansoft-lm-1
1084/tcp open ansoft-lm-2
1433/tcp open ms-sql-s
1494/tcp open citrix-ica
1723/tcp open pptp
1755/tcp open wms
3306/tcp open mysql
3389/tcp open ms-term-serv
5000/tcp open UPnP
5800/tcp open vnc-http
5900/tcp open vnc
7070/tcp open realserver
8000/tcp open http-alt
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp open blackice-alerts
8888/tcp open sun-answerbook
9090/tcp open zeus-admin
10082/tcp open amandaidx
10083/tcp open amidxtape
49400/tcp closed compaqdiag
50000/tcp closed iiimsf
50002/tcp closed iiimsf
54320/tcp closed bo2k
61439/tcp closed netprowler-manager
61440/tcp closed netprowler-manager2
61441/tcp closed netprowler-sensor
65301/tcp closed pcanywhere
-
Have you enabled the firewall? Does it not bypass?
-
What tool are you scanning with? What firewall rules have you enabled on the WAN? And, as Matts said, did you disable the firewall?
-
Either you aren't scanning pfsense, or you opened a whole host including all ports to the world. That's the only way you could possibly see that large of a number of open ports. That looks like a typical Windows Server box with some odd stuff thrown in.
-
I am using nmap.
By default the WAN interface is firewalled, I did not disable it.
Perhaps I am not connected to the right box as dyndns may not be working.