Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4894
Views
10
Helpful
6
Replies

Port 1080 open

Go to solution
tkalfaoglu
Level 1
Level 1

‎05-21-2023 03:11 AM - last edited on ‎05-25-2023 12:05 PM by Community Manager

Hi - I did an nmap from outside my local LAN and noticed that the TCP port 1080 was open to the world..  Should I block access to it from outside?  Just use an

access list

for it?

Thanks!

 

 

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎05-21-2023 05:26 AM - last edited on ‎05-25-2023 01:14 PM by Community Manager

Hello @tkalfaoglu,

https://www.speedguide.net/port.php?port=1080

Port 1080 is commonly used for the SOCKS proxy protocol. By default, this port allows incoming connections, and it's often targeted by attackers looking for open proxies to abuse for various purposes.

If you have identified that TCP port 1080 is "open to the world" and you are not intentionally running a SOCKS proxy service, it is generally recommended to block access to this port from outside your local LAN. This will help prevent potential unauthorized access and mitigate any potential security risks associated with leaving the port open.

To block access to port 1080 from outside your LAN, you can implement an ACL or firewall rule on your network perimeter device, such as a router or firewall. The specific steps for configuring the ACL or firewall rule depend on the device you are using.

Example:

access-list 100 deny tcp any any eq 1080
access-list 100 permit ip any any

--> Apply ACL 100 to the interface facing the external network:

interface <interface_name>
ip access-group 100 in

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

6 Replies 6

Go to solution
MHM Cisco World
VIP
VIP

‎05-21-2023 03:14 AM

apply the ACL in interface deny udp/tcp ports
do check again and see if it still open or not.

Go to solution
Flavio Miranda
VIP
VIP

‎05-21-2023 03:34 AM - edited ‎05-21-2023 03:38 AM

Hi

 which device is it?

If this is a RVXXX device, you can just disable th UPNP service

FlavioMiranda_0-1684665486099.png

 

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5046-configuration-of-universal-plug-and-play-upnp-on-rv320-and-r.html

 

Go to solution
tkalfaoglu
Level 1
Level 1
In response to Flavio Miranda

‎05-21-2023 06:09 AM

It's a CISCO 3925 actually.. Thanks!

Go to solution
M02@rt37
VIP
VIP

‎05-21-2023 05:26 AM - last edited on ‎05-25-2023 01:14 PM by Community Manager

Hello @tkalfaoglu,

https://www.speedguide.net/port.php?port=1080

Port 1080 is commonly used for the SOCKS proxy protocol. By default, this port allows incoming connections, and it's often targeted by attackers looking for open proxies to abuse for various purposes.

If you have identified that TCP port 1080 is "open to the world" and you are not intentionally running a SOCKS proxy service, it is generally recommended to block access to this port from outside your local LAN. This will help prevent potential unauthorized access and mitigate any potential security risks associated with leaving the port open.

To block access to port 1080 from outside your LAN, you can implement an ACL or firewall rule on your network perimeter device, such as a router or firewall. The specific steps for configuring the ACL or firewall rule depend on the device you are using.

Example:

access-list 100 deny tcp any any eq 1080
access-list 100 permit ip any any

--> Apply ACL 100 to the interface facing the external network:

interface <interface_name>
ip access-group 100 in

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
tkalfaoglu
Level 1
Level 1

‎05-21-2023 06:07 AM

Many thanks everyone! I just added the ACL line.. this was the Giga interface that's connected to the vdsl2 modem.. So, yes, it's "very open to the world"

Regards, -t

 

Go to solution
MHM Cisco World
VIP
VIP
In response to tkalfaoglu

‎05-21-2023 06:28 AM

You are so welcome 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card