I can understand why port 53 and 80 are open, but why 6666 and 7777 ? What are they doing there ? The device is made by Haier, which is accused many times of shipping devices with preinstalled malwares.
So my main question is how can I go deeper into this issue ?
Port 7777/tcp can be used by: iChat server file transfer proxy or Oracle Cluster File System 2 or even games (Ultima Online, Active Worlds).Same for port 6666 - this one is often used for relay chat, but can indeed be used by a lot of malware too. So it's not the port itself that is the problem (or it's current state). You must analyse the traffic on that port when the device is in normal functionality mode in order to determine if there is something bad sent through there.
Port 7777/tcp can be used by: iChat server file transfer proxy or Oracle Cluster File System 2 or even games (Ultima Online, Active Worlds). Same for 6666 - this one is often used for relay chat, but can indeed be used by a lot of malware too. So it's not the port itself that is the problem (or it's current state).
An open port refers to a TCP or UDP port number that is actively accepting packets. In other words, behind it is a system that is receiving communication. A closed port, on the other hand, rejects or ignores packets. Some ports are reserved for specific protocols and are therefore required to be open.
The router is using port 80 for its HTTP management page as well as the firewall blocking page. Below are the configuration required for turning off TCP port 80 for the router.
What security risks do open ports pose? Open ports by themselves do not pose security risks. However, it depends on the port configuration and protection. If ports are not properly configured, hackers can potentially access your computer or network, exploit software vulnerabilities, and gain control of the system.
HTTP and HTTPS (Ports 80, 443, 8080, and 8443): These hotly-targeted ports are used for HTTP and HTTPS protocols and are vulnerable to attacks such as cross-site scripting, SQL injections, cross-site request forgeries, and DDoS attacks.
Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. It operates over TCP and UDP port 3702 and uses IP multicast address 239.255.
WSDAPI uses TCP port 5357 for HTTP traffic and TCP port 5358 for HTTPS traffic by default. These ports are reserved for lower privilege processes through a URL reservation in HTTP. sys, and are also reserved with IANA.
Open port vulnerabilities pose a significant security risk to your organization. If left exposed, ports are a gateway for hackers to breach your network and steal your data.
Hobby: Web surfing, Skiing, role-playing games, Sketching, Polo, Sewing, Genealogy
Introduction: My name is Maia Crooks Jr, I am a homely, joyous, shiny, successful, hilarious, thoughtful, joyous person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.