Let me start by saying I am not an expert in configuring Cisco routers. I'm trying to figure out what service or what I have enabled in my config allowing the open ports on a 2901 cisco router. Any help would be appreciated!
NMAP results below:
PORT STATE SERVICE
25/tcp filtered smtp
465/tcp filtered smtps
1099/tcp filtered rmiregistry
3369/tcp filtered satvid-datalnk
8873/tcp filtered dxspider
Basic Config:
This is the running config of the router: xxxxx
----------------------------------------------------------------------------
!version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xxxx
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200
logging console critical
enable secret 5 xxx
enable password 7 xxxx
!
no aaa new-model
clock timezone PCTime -5 0
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
no ipv6 cef
no ip source-route
ip cef
!
!
!
!
!
no ip bootp server
ip domain name xxxx.com
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid xx sn xx
!
!
!
!
ip tcp synwait-time 10
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
!
interface GigabitEthernet0/0
description $ES_LAN$
ip address xxxxx 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description $ES_WAN$
ip address xxxxx 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 xxxxxx
!
logging trap debugging
dialer-list 1 protocol ip permit
!
no cdp run
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output none
stopbits 1
line vty 0 4
password XXX
no login
transport input none
transport output none
!
scheduler allocate 20000 1000
end
NMAP results below:
PORT STATE SERVICE
25/tcp filtered smtp
465/tcp filtered smtps
1099/tcp filtered rmiregistry
3369/tcp filtered satvid-datalnk
8873/tcp filtered dxspider
Basic Config:
This is the running config of the router: xxxxx
----------------------------------------------------------------------------
!version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xxxx
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200
logging console critical
enable secret 5 xxx
enable password 7 xxxx
!
no aaa new-model
clock timezone PCTime -5 0
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
no ipv6 cef
no ip source-route
ip cef
!
!
!
!
!
no ip bootp server
ip domain name xxxx.com
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid xx sn xx
!
!
!
!
ip tcp synwait-time 10
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
!
interface GigabitEthernet0/0
description $ES_LAN$
ip address xxxxx 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description $ES_WAN$
ip address xxxxx 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 xxxxxx
!
logging trap debugging
dialer-list 1 protocol ip permit
!
no cdp run
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output none
stopbits 1
line vty 0 4
password XXX
no login
transport input none
transport output none
!
scheduler allocate 20000 1000
end
