d-link dir 655 open ports

newbie0101 · 01-28-2012, 03:20 AM

hi guys, i've bought a wifi router d-link dir 655 that works well but when i nmap th GW i see open those ports:

Code:

nmap -A -T4 192.168.0.1

Starting Nmap 5.21 ( http://nmap.org ) at 2012-01-28 10:08 CET
Nmap scan report for 192.168.0.1
Host is up (0.012s latency).
Not shown: 994 closed ports
PORT      STATE    SERVICE    VERSION
53/tcp    open     domain     ISC BIND 9.3.4-P1.2
80/tcp    open     tcpwrapped
111/tcp   filtered rpcbind
139/tcp   open     tcpwrapped
443/tcp   filtered https
20005/tcp open     btx?

do they must be opened ? isn't there a higher probability of being hacked when ports are open ?
btw, does the router use some kind of linux ?

MartinStrec · 01-28-2012, 10:26 PM

Hi,

Those port are opened because of servicing some network services you use in your network (53 - DNS, 80 - HTTP, 443 - HTTPS)
see http://www.iana.org/assignments/serv...rt-numbers.xml

Most modems are able to deny access from outside (WAN). Connect your modem on http://192.168.0.1 or https://192.168.0.1 and check the firewall/security settings.

You needn't care about ports marked as filtered in that case.

es0teric · 01-29-2012, 08:39 PM

If you're pinging it by the internal IP address shown (192.168.x.x), then that means your router is providing those services. It probably runs a lightweight web server and DNS server - web so that you can login to your router via a GUI and configure stuff, and DNS to provide name resolution to hosts on your internal network.

If you're worried about being hacked by people from outside your network, then these aren't a concern. Those services probably aren't accessible from the external interface. To confirm that, you could do an nmap of your public IP address, which you can obtain by going here: http://whatismyip.com