Jump to content

Open Ports security scan


FusionScott
 Share

Recommended Posts

First off, I love Domotz. You guys are doing great work.

 

Regarding the open ports scanner  (/security/open_ports), this is a cool feature idea, however the implementation seems to have a major issue.  Right now mine is showing that port 5000 is open. My only options are to mark the port as safe or mark that it has been closed.  The problem for me is that I want port 5000 open on ONE SERVER but not EVERY SERVER. I don't want to mark it as safe. I want to mark it as safe on whatever host it was detected on. If I mark it as safe and then somehow the port opens up on another server I want to know about it!  Actions aside, it currently doesn't even tell me which device has port 5000 open, so if I wanted to confirm that I have closed it, I wouldn't even know which host to check.

 

This is one of those things that is such an obvious omission that I'm wondering if I'm missing something. Am I?

Edited by FusionScott
Link to comment
Share on other sites

Hi Scott,

 

thanks for your continuous interest in Domotz and for the nice words about the service offered.

 

With regard to the TCP Port scanner functionality, as reported in the User Guide (https://help.domotz.com/user-guide/network-security-scans/#htoc-security-status-tcp-open-port-scanner-wan-side) :

 

Quote

This type of Perimeter Security scan is performed from the cloud toward the WAN side of the network. It only identifies if specific TCP ports are open and if so, they are reported. However, it is not possible for Domotz to understand which internal device is exposed behind a specific TCP port.

 

Therefore, with this functionality, it is not possible to map which is the device/server behind that open Port. We just highlight the port that appears to be open from outside the network (from the WAN side). 

 

You will need to verify that the port is correctly forwarded to the correct device (you will need to access to the Gateway / NAT configuration). At that point, if the port is correctly mapped to the device you are expecting behind that port, mark the port as "Safe" in Domotz.

 

I hope the above helps clarifying the scenario. If you need any further assistance, please contact support@domotz.com

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...