Cisco IOS Ports

alaa.musa · ‎11-22-2002

Dear All:

I made a ports scanner to one of my routers cisco 7200 , and i found the following ports are opened "

1- 23 Telnet

2-80 HTTP

3-2001 remote control software

4-9001 cisco Xremote service

5-4001 cisco virtual terminal

6-6001 cisco virtual terminal

i want to know why port 80 is opened although i http server is disabled at this router , and the other las four ports , and how can i disable the last four ports "2001,9001,4001,6001" or control the access to these ports.

regards

Alaa Musa

gfullage · ‎11-24-2002

You can control access to the last four by placing a "access-class" on your VTY/AUX ports. As for HTTP being opened, if you telnet to port 80 on your router, does it open up a connection? If not, then it's not really open and you're port scanner is saying the wrong thing. If you can, then we'd need to look at your config, but make sure you have "no ip http server" configured at the very least.

alaa.musa · ‎11-24-2002

I made telnet to port 80 at my router and its connect , and i'm sure i add "no ip http server "

tepatel · ‎11-25-2002

surely "no ip http server" will block the http connection and also telnet to port 80.

alaa.musa · ‎11-26-2002

Dear Sir:

Yes I'm sure that "IP http server" feature is disabled and i see in my configuration "no IP http server" . also i made the scan for the router by anther scanner also gives me the same results.

your advise is highly appreciated

tepatel · ‎11-25-2002

Also the 2001, 6001 and 4001, are ports related to the modem line on the router..So if you don't have a modems on the router, you don't need to worry about that..