cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5749
Views
10
Helpful
6
Replies

Port 1080 open

tkalfaoglu
Level 1
Level 1

Hi - I did an nmap from outside my local LAN and noticed that the TCP port 1080 was open to the world..  Should I block access to it from outside?  Just use an

access list

for it?

Thanks!

 

 

1 Accepted Solution

Accepted Solutions

M02@rt37
VIP
VIP

Hello @tkalfaoglu,

https://www.speedguide.net/port.php?port=1080

Port 1080 is commonly used for the SOCKS proxy protocol. By default, this port allows incoming connections, and it's often targeted by attackers looking for open proxies to abuse for various purposes.

If you have identified that TCP port 1080 is "open to the world" and you are not intentionally running a SOCKS proxy service, it is generally recommended to block access to this port from outside your local LAN. This will help prevent potential unauthorized access and mitigate any potential security risks associated with leaving the port open.

To block access to port 1080 from outside your LAN, you can implement an ACL or firewall rule on your network perimeter device, such as a router or firewall. The specific steps for configuring the ACL or firewall rule depend on the device you are using.

Example:

access-list 100 deny tcp any any eq 1080
access-list 100 permit ip any any

--> Apply ACL 100 to the interface facing the external network:

interface <interface_name>
ip access-group 100 in

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

6 Replies 6

apply the ACL in interface deny udp/tcp ports
do check again and see if it still open or not.

It's a CISCO 3925 actually.. Thanks!

M02@rt37
VIP
VIP

Hello @tkalfaoglu,

https://www.speedguide.net/port.php?port=1080

Port 1080 is commonly used for the SOCKS proxy protocol. By default, this port allows incoming connections, and it's often targeted by attackers looking for open proxies to abuse for various purposes.

If you have identified that TCP port 1080 is "open to the world" and you are not intentionally running a SOCKS proxy service, it is generally recommended to block access to this port from outside your local LAN. This will help prevent potential unauthorized access and mitigate any potential security risks associated with leaving the port open.

To block access to port 1080 from outside your LAN, you can implement an ACL or firewall rule on your network perimeter device, such as a router or firewall. The specific steps for configuring the ACL or firewall rule depend on the device you are using.

Example:

access-list 100 deny tcp any any eq 1080
access-list 100 permit ip any any

--> Apply ACL 100 to the interface facing the external network:

interface <interface_name>
ip access-group 100 in

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

tkalfaoglu
Level 1
Level 1

Many thanks everyone! I just added the ACL line.. this was the Giga interface that's connected to the vdsl2 modem.. So, yes, it's "very open to the world"

Regards, -t

 

You are so welcome 

Review Cisco Networking for a $25 gift card