Why do I have to have a firewall port open?
I checked the internet logs and there is a lot of activity going on from an NTP port. Is this normal? Or should I close that port? And if so, where would I find it on a Cisco EA4500 if I've already got it on Port lights off?
I found this on the net:
Q. If a guest anchor controller is used outside the firewall, what firewall ports are open for guest access to work?
A. On any firewall between the guest anchor controller and the remote controllers, these ports need to be open:
IP Protocol 97 for user data traffic
UDP Port for tunnel control traffic
For optional management, these firewall ports need to be open:
SSH/TelnetTCP Port 22/23
TFTPUDP Port 69
NTPUDP Port 123
SNMPUDP Ports 161 (gets and sets) and 162 (traps)
HTTPS/HTTPTCP Port 443/80
SyslogTCP Port 514
RADIUS Auth/Account UDP Port 1812 and 1813
http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a00809ba482.shtml
steve2470
(37,457 posts)Any reason your computer is checking or adjusting the time ?
Baitball Blogger
(46,735 posts)What is perplexing is that the ip addresses that are accessing the port are varied.
steve2470
(37,457 posts)See if the camera, for some reason, needs to check the time.
If you can't find the answer there, this is out of my league for sure.
Baitball Blogger
(46,735 posts)Though, once you figure out how they programmed certain features you tend to facepalm yourself and say, "Of course!"
Because that particular NTP port is specifically mentioned on more than one help forum, I tend to believe that it is necessary.
steve2470
(37,457 posts)Just to make sure they are time servers.
Baitball Blogger
(46,735 posts)steve2470
(37,457 posts)This probably has nothing to do with your situation but it's interesting the attackers used NTP.