Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 782 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SOPHOS XGS 2100 Zenmap intense portscan - Linksys WRT45G dropbear?

Dennis Wauer

Hi there,

is this a possible valid portscan for the XGS 2100?



I'm wondering about the Linksys WRT56G modified dropbear sshd Port.

Thanks!

Best Regards



This thread was automatically locked due to age.
Parents
  • 0

    Hi  Thank you for reaching out to the Sophos community team. Can you please help us with the below details to narrow down the situation?

    How this Port scan was performed? From Outside or from the LAN segment?
    On which IP this Port scan was performed? The IP on which this port scan was performed is directly assigned and configured on XGS? if it is directly assigned and configured on XGS then is it WAN IP?
    Is there any DNAT/Port forwarding configured for any in-house device to map the above services or any of the services listed in the above port scan result? 
    If this has been scanned from the WAN side, Does XG WAN has private IP over WAN on which requests are landing from the next hop router via port forwarding on it?

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Hi Vishal,

    thanks for your fast reply on my topic.

    The scan was performaned using Zenmap on Microsoft Windows 11 from inside the LAN, with the following command:
    nmap -sS -sU -T4 -A -v 10.0.1.1

    Yes, the IP-Address where with port scan was performed is directly assigned to the Sophos XGS. We are using for WAN the Sophos DSL Module.  (=> Screenshot 1)

    No there is no DNAT / Port forwarding configured for any of these services.

    We have a dynamic public IP-Address assigned for the WAN, which get assigned by the DSL Module.

    Regards,
    Dennis


  • 0 in reply to Dennis Wauer

    Hi   Can you please capture tcpdump and PCAP on XG on ssh service port 22 when you perform scanning to confirm who is replying or how the 22 service port packets traversing and getting replied by which device?

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Packet capture in Diagnostics on the Sophos XGS does not working correctly, I will now try via ssh.

Reply Children
No Data
Unfiltered HTML