SG Broadband Community

Hello SG. I am a new member and I just ran the security scan and the results say port 30005 is open.
How do I secure it and will the trojan open the port again before I remove it?
Thanks in advance for any assistance.
I am running Windows 7 and Firefox through a Netgear AC1900 router modem.

I would suggest running a scan on your computer anytime you suspect a virus/malware... Just use the built-in Microsoft Security Essentials (or Windows Defender, depending on your OS). As secondary tools, I would try Malwarebytes Free, and Adwcleaner.

To find out what service is listening to that port, look at the following FAQ: http://www.speedguide.net/faq/how-can-i ... -on-my-115

Please let us know if you need further assistance with it, I hope this helps.

I am having the same problem with the same open port 30005. I checked to see what service might be listening to the port but I didn't find anything.
I also ran scans with anti-virus and several different anti-malware programs and they found nothing. Why is this port open and how can it be closed? Or at least be set to stealth

If you are behind a NAT router, it could be open on any one of the clients behind it. Also, the state may have changed between the time you scanned and the time you looked for the service that is listening to it.

3
down vote
favorite


I want to open some ports on my family's network, for game servers and other protocols like HTTP and FTP. My dad, however, thinks this is unsafe (for him).

Is it easy for a hacker to get in to our network using these open ports? If he does, does he have access to the whole network or just my computer?

I was lucky, my dad let me have unknown 5-digit ports, but I still want to use "normal" ports.

Higher ports are safer than using the standard http/ftp ports because they are often scanned for potential exploits. Once you "open" a port on your NAT router, you forward all incoming traffic on that port to one client PC on your local network.

To answer your question: you don't directly open the port to the whole local network, only to one client. However, if a potential intruder is able to exploit a vulnerability and gain access to that one client PC, they then have access to all your other networked devices it can reach.

If feasible, I would keep the current setup for personal use and only open unused high port numbers that are less likely to be discovered and exploited, it will likely eliminate 95% of incoming probes. Also, many residential ISPs may be blocking some common server ports (like 21, 25, 80) because customers running servers is often against the service policies.

I have updated the information on port 30005, seems to also be used for TR-069 by some ISPs (Cox Communications, reportedly). This protocol has some known vulnerabilities and it is hard to close communications between the ISP and CPE devices, but there are some options in the port description.