Common Port Detection

Many port scan companies such as HacerkSafe, ScanAlert, HackerGuardian and HackerProof scan servers to determine if there is a possible breach of security. In their scans however they detect many open ports that are required to be open. They inadvertantly mark the open ports as vulnerable even though they are required for normal server operation.

Below are a list of common ports that are open on the servers, along with an brief explanation of what they do:

http 80/tcp - mod_frontpage installed
This is required on the servers as many people use FrontPage to update their sites. We can not disable this module as requested. The module is up to date with the latest version and is considered secure.

https 443/tcp - mod_frontpage installed
Please see above.

smtp 25/tcp - SMTP
This port is required in order for users to send mail.

ftp 21/tcp - FTP
This port is required in order to upload files to the server

imaps 993/tcp - IMAP Secure
This port is required in order for webmail to work (online viewing of mail) Secure Port

gnunet 2086/tcp - cPanel
This port is required for cPanel (the website control panel) to operate

imap 143/tcp - IMAP
This port is required in order for webmail to work (online viewing of mail)

urd 456/tcp - SMTP
This port is required by the mail server software

radsec 2083/tcp - cPanel
This port is required for cPanel (the website control panel) to operate

nbx-dir 2096/tcp - cPanel
This port is required for cPanel (the website control panel) to operate

http 80/tcp
This port is required for websites to display

infowave 2082/tcp
This port is required for cPanel (the website control panel) to operate

https 443/tcp
This port is required for websites to display SSL Mode

eli 2087/tcp
This port is required for cPanel (the website control panel) to operate

nbx-ser 2095/tcp
This port is required for cPanel (the website control panel) to operate

trellisagt 2077/tcp
This port is required for cPanel (the website control panel) to operate

pop3s 995/tcp
This port is required for POP3 Email Secure Mode

domain 53/udp
This port is required for Nameservers to operate so sites know what domain is on what server

mysql 3306/tcp
This port is required for MySQL Database Access
  • Email, SSL
  • 105 Users Found This Useful
Was this answer helpful?

Related Articles

ScanAlert Test Levels Explanations

So you've signed up for ScanAlert and have your weekly report. If you have notices, here are what...

WebSite Directory Index Vulnerability

Scanalert's "WebSite Directory Index Vulnerability" simply means that if someone goes to a...

Scanalert Warning: The remote host appears to be using a version of OpenSSL which is older than 0.9.6j or 0.9.7b

The OpenSSL version has actually been patched on our servers for more than a year when the...

Scanalert Warning: The remote host appears to have 10 or more open ports

This is part of how the system operates. We have substantial firewalls in place, however since we...

Excessive Open Ports

ScanAlert, HackerSafe, HackerGuardian and HackerProof are the main contenders on the web when it...