TCP port 53 open on Balance 20 with 6.2.2


#1

Why is TCP port 53 open on the Balance 20? What other ports are open by default and under what conditions? UDP port 500 gets opened for IPsec, for example.


#2

Hi,

Is it possible to share with us the firmware version running on your B20? We always recommend using the latest firmware for any vulnerability scanning.

Besides that, which interface are you scanning on the B20? LAN or WAN?

Thank You


#3

The firmware is version 6.2.2 and I’m scanning the WAN1 interface. I can’t upgrade to 6.3 (which just came out) yet.


#4

Hi,

We don’t have port TCP 53 opened by default. I have tested this. Have you configured Port Forwarding for TCP 53?


#5

No sir. However, under Network / LAN I do have DNS Caching enabled, which is not a default setting. This requires DNS Proxy to be enabled. Could this be it?


#6

Hi,

Enabling DNS Caching will not open port TCP 53. Please open a ticket for us to investigate.

Thank you.


#7

Any resolution to this? I have a Balance 305 with multiple ports open to the outside that are not defined in the inbound rules.


#8

Hi,

Suggestion provided here. Do let me know the result.