FYI I-PBX 12/Ubuntu 14.04 on C-o-C: Whitelist, yet open ports

tycho

Guru (not...)
Joined
Aug 9, 2011
Messages
652
Reaction score
272
[Moved from that long I-PBX/Ubuntu 14.04 thread]
This relates to my Cloud-at-Cost install of:
Incredible PBX 12.7.1 for Ubuntu 14
Asterisk: UP Apache: UP MySQL: UP
SendMail: UP IPtables: UP SSH: UP
LAN eth0: UP Fail2Ban: UP Webmin: UP
RAM:35540 "Ubuntu 14.04.1 LTS" Disk: 59%
Asterisk 12.7.1 FreePBX 12.0.12
Private IP: 104.xxx.xxx.xxx
Public IP: 104.xxx.xxx.xxx
I just ran a scan on that instance from sipscanner.voipfraud.com. The scan reported the following:
The good:
Zero SIP services detected
Zero Extensions found
Zero Passwords cracked
"No Host Information"
("This is the information we were able to retrieve by scanning the given host. If the operating system hosting is too old and has known vulnerabilities, this can be exploited by attackers.")
What I didn't expect to see:
"Service Information"
("These are the open TCP ports that we found while scanning. While this doesn't necessarily indicate a problem, try to look for open ports/services that you don't expect.")
Port/Protocol--State--Service
113/tcp--closed--ident
1723/tcp--open--pptp
4445/tcp--closed--upnotifyp
Cause for concern? I don't fully understand the nooks and crannies of the whitelisting methodology implemented by I-PBX 12 for Ubuntu, but my beginner's understanding was that it would preclude the above open ports, and/or not respond to probes.
Are these a result of CoC's standard Ubuntu 14.04 LTS load? Do I need these ports? If not can I close them?
 

tycho

Guru (not...)
Joined
Aug 9, 2011
Messages
652
Reaction score
272
Partially answering my own question...

I expect I needn't be concerned about tcp ports 113 and 4445 because they are indicated as being closed.

1723 is apparently for Point-to-Point Tunneling Protocol (PPTP) VPNs. I don't have one running. Is it standard for it to be open? Default on installation?
 

Jay Deal

Phhhhhhhhttttttt :)
Joined
Dec 26, 2013
Messages
267
Reaction score
85
1723 is apparently for Point-to-Point Tunneling Protocol (PPTP) VPNs. I don't have one running. Is it standard for it to be open? Default on installation?


Isn't neorouter a default part of the NV IPBX Ubuntu install? At least it is on Asterisk 11.
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
1723 is open by default because everybody always forgets to open it when implementing PPTP. If you don't have PPTP running at all, there is nothing to attack. By default, PPTP is disabled.
 

tycho

Guru (not...)
Joined
Aug 9, 2011
Messages
652
Reaction score
272
Ha! Thanks, Jay Deal. Re-reading that made me remember all about Hamachi -- a tool that I used to use but had forgotten all about...
 

Members online

No members online now.

Forum statistics

Threads
25,779
Messages
167,505
Members
19,199
Latest member
leocipriano
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top