Home AMX User Forum NetLinx Studio

Telnet from India?

felixmoldovanfelixmoldovan Posts: 197
in NetLinx Studio
Noticed the following in my Device Notifications. Looking up the IP's got to some Indian/Peruvian/Italian Telecom providers. I have no such socket open on my processor and all I can think is that the built-in Time Manager might be allowing such connections. Can anybody clarify? 
 (08:59:35)::  Accepted Telnet connection:socket=31 addr=190.42.128.253 port=4415
 (08:59:44)::  Accepted Telnet connection:socket=31 addr=190.42.128.253 port=4619
 (09:00:20)::  Accepted Telnet connection:socket=31 addr=59.178.220.171 port=4297
 (09:00:29)::  Accepted Telnet connection:socket=31 addr=59.178.220.171 port=4500
 (09:07:54)::  Accepted Telnet connection:socket=31 addr=122.170.56.13 port=4560
 (09:08:06)::  Accepted Telnet connection:socket=31 addr=122.170.56.13 port=4763
 (09:12:35)::  Accepted Telnet connection:socket=31 addr=93.149.240.58 port=4319
 (09:12:44)::  Accepted Telnet connection:socket=31 addr=93.149.240.58 port=4524

Comments

  • ericmedleyericmedley Posts: 4,177
    hmmm...

    Well some stupid questions first...

    Are you running any modules that use IP communication? If so, perhaps they're opening the ports. Those port numbers are in a generally undefined port range. They are registered to stuff. (For example SMART Beacon is up ther on a few ports as well as Drizzle servers and so forth) You might be getting banged on by devices like that.

    Otherwise, you should probably do a complete port scan of your master from bottom to top and see what's open. You can download a free port scanner like Angry IP to do this if you don't have anything. Also, If you have a Mac or a Linux box you can use the Netware apps included with them to do a port scan.

    Hope that helps.
  • jweatherjweather Posts: 320
    The port numbers shown are the remote ports. They are connecting to port 23 on your NetLinx processor, which is apparently exposed to the world. You should restrict outside access to it, or set up device security if that isn't possible.

    Odds are good that you are being subjected to an automated scan, and no humans are actually looking at it, but if someone did notice the strange box and start poking around, they could at least reboot it, and possibly annoy you in other ways.
  • ericmedleyericmedley Posts: 4,177
    jweather wrote: »
    The port numbers shown are the remote ports. They are connecting to port 23 on your NetLinx processor, which is apparently exposed to the world. You should restrict outside access to it, or set up device security if that isn't possible.

    Odds are good that you are being subjected to an automated scan, and no humans are actually looking at it, but if someone did notice the strange box and start poking around, they could at least reboot it, and possibly annoy you in other ways.

    Or even clean the disk. Yikes! I wish someone would telnet into my bathroom and clean it too...
  • felixmoldovanfelixmoldovan Posts: 197
    Thanks. There is no IP module and certainly I am not opening any TCP/IP server in my program. You are right, I have no security enabled on telnet and freely forwarding 23 to the processor, so the assumption that I might be exposed to scanning is valid. Sure somebody will say I asked for it...
Sign In or Register to comment.