.

Apple Airport Basestation Extreme Port Scan Always Shows 7070 554 21

<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Jan 26, 2011 7:09 pm

Apple Airport Basestation Extreme Port Scan Always Shows 7070 554 21

This is a problem I've had for years and never found a solution. I have an AEBS and whenever I do a portscan outside of my network it ALWAYS shows ports 7070 554 and 21 open, even when the host doesnt have those ports open. When I replace my AEBS with a regular Linksys router, these ports dont show up in my nmap scans. It's very strange.

I've only found a few posts talking about it but never any solutions. http://discussions.apple.com/message.jspa?messageID=7252565

Anyone else use an AEBS and experience the same behavior? I've tried wiping the device and starting fresh, I'm also running the latest firmware. When looking at a packet capture, you actually see the TCP handshake complete. Any other folks have this problem? Did you fix it?
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Thu Jan 27, 2011 4:34 am

Re: Apple Airport Basestation Extreme Port Scan Always Shows 7070 554 21

I don't use AEBS, but I have seen similar problems when scanning through other devices. Unfortunately only options I've found are:
  • Accept that the ports are a false positive (& possibly ignore an actual positive)
  • Replace the hardware, as you've tried
  • Shift scanning source to outside of the device causing issues (not always an option)

If anyone has a better solution, I'd also welcome the advice.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Thu May 26, 2011 9:01 pm

Re: Apple Airport Basestation Extreme Port Scan Always Shows 7070 554 21

BTW - I still havent found a solution for this problem and have read in multiple places that it is an issue for others.

My workaround has been to put the AEBS in bridge mode and use another device for my FW/NAT. It's an extra hop in my network but at least I get accurate results until they fix it!
<<

hell_razor

User avatar

Jr. Member
Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Fri May 27, 2011 1:19 pm

Re: Apple Airport Basestation Extreme Port Scan Always Shows 7070 554 21

Hack naked! - PaulDotCom

Seriously.

It is likely that the device is proxying on one or all of these ports for some reason.  To verify, capture traffic before and after device and see what it looks like.  Also, set your http proxy and/or SOCKS proxy settings to your device IP address and see if it translates.  Just guessing here, no direct experience with that device.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software