Unknown Ports Auto-Opened

Currently reading
Unknown Ports Auto-Opened

126
17
NAS
DS920+ DS215J,
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
Recently moved from a 215J to a 920+ and have added just a few packages so far such as PLEX and Moments / Photos. While checking the Port Forwarding page on my 2600 to eventually delete the unneeded Open Ports assigned from the old 215J, I discovered 16 individually assigned Open Ports for the 920+ that range from 9025 through 9040....
I'm unable to find what these Ports would be using.......

Suggestions?

Unknown Port.jpg
 
I discovered 16 individually assigned Open Ports for the 920+ that range from 9025 through 9040....
Never use EZ Internet to set port openings. It is dangerous to have UPnP activated, and Synology throws in the entire kitchen sink when offering port forwards. Looking at that list, only the 443>443 is likely required, and possibly 6690. Inactivate the others.
 
Thank you Telos... I do recall you advised this in a different post to me in the past, and I have not again used it..... as EZ also buggered other settings that created issues that were not present before at the time. There should be a Warning Label on that feature! And I've never used UPnP....

The two screen shots here are actually just for the new 920+.... the previous list included some ports for the old NAS.....

I manually only added the 9895 + 6698 to change form 5000 + 5001 and 32400 for PLEX.... All else was Auto Added from the packages I initially installed.

Recognizing which Ports need to be eliminated or changed to increase security is not my best skill..... And from your advice, it appears 9025-9040 may not be needed at all..... I'm assuming the only real test is to eliminate them one at a time and then check for operation. I wish the Auto Added Ports had a tick box next to each for easier on/off testing.
 

Attachments

  • Ports for A II.jpg
    Ports for A II.jpg
    27.1 KB · Views: 9
  • Ports for A.jpg
    Ports for A.jpg
    8.9 KB · Views: 9
That screenshot ... it's DSM's firewall? Does the SRM firewall also have these ports opened?

If it's only DSM firewall then these ports won't be accessible from the Internet. So the risk depends on how much you trust all the devices on your home LAN.

You certainly should not have the UPnP option in SRM enabled. This option when enabled would allow LAN client to update you perimeter firewall policy, and it's much better to configure this yourself.
1625071457585.png
 
The previous two screen shots are from the Router.... Attached here is the DSM firewall Config Settings and when I opened the "Default" profile, for Management UI, File Station, sure enough as you predicted the DLNA/ UPnP Settings were ticked ...... presumably set when I installed the Video Station. I unticked both, then tested access to my Media files over DLNA at the TV.... and thankfully access is still available via PLEX and Direct form the Media folder..... So even though I had never used UPnP, it appears installing Video Station, PLEX, or the Media Server opened these up.
 

Attachments

  • DSM Router Config.jpg
    DSM Router Config.jpg
    31.6 KB · Views: 12
  • DSM Built In App's Firewall .jpg
    DSM Built In App's Firewall .jpg
    68.4 KB · Views: 14

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
When I went to Wi-Fi Connect > Wi-Fi Settings > Radio > Advanced > Settings > Uplink swap menu opens up, I...
Replies
0
Views
742
I'm always pleasantly surprised (and somewhat confused) to see significant software updates on the...
Replies
8
Views
5,747
Thanks Shadow. As per BobW above >> 'I’ve setup VPNServer on my NAS and OpenVPN client on all the mobile...
Replies
12
Views
5,605

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top