port listening and home router security












0















I have a Dishtv receiver with sling adapter. The receiver is connected to my router.
The router is a netgear DD-WRT flashed router.



I was told be a dishtv rep that the router use port 80, 443 and 5678 and recommended that I keep UPnP enabled. I wasn't told it was udp or tcp.



I haven't set UPnP to enabled on my router yet, when I login into dish portal dishanywhere.com, I can see that my receiver is active (green status).



When I use one of those online portscanner and scan to see if my router to listening on these ports, I get a negative response.



How does dishanywhere know that my receiver is active?
Is the receiver sending data packets to dishanywhere server saying that it is alive?



I can control my DVR from dishanywhere i.e. change channels, set recordings, reboot the receiver. Does this means that the dishanywhere.com site is sending packets to the DVR on some port?



If yes, How do I find out the port number?



I want to know if there would be any network security issues?










share|improve this question



























    0















    I have a Dishtv receiver with sling adapter. The receiver is connected to my router.
    The router is a netgear DD-WRT flashed router.



    I was told be a dishtv rep that the router use port 80, 443 and 5678 and recommended that I keep UPnP enabled. I wasn't told it was udp or tcp.



    I haven't set UPnP to enabled on my router yet, when I login into dish portal dishanywhere.com, I can see that my receiver is active (green status).



    When I use one of those online portscanner and scan to see if my router to listening on these ports, I get a negative response.



    How does dishanywhere know that my receiver is active?
    Is the receiver sending data packets to dishanywhere server saying that it is alive?



    I can control my DVR from dishanywhere i.e. change channels, set recordings, reboot the receiver. Does this means that the dishanywhere.com site is sending packets to the DVR on some port?



    If yes, How do I find out the port number?



    I want to know if there would be any network security issues?










    share|improve this question

























      0












      0








      0








      I have a Dishtv receiver with sling adapter. The receiver is connected to my router.
      The router is a netgear DD-WRT flashed router.



      I was told be a dishtv rep that the router use port 80, 443 and 5678 and recommended that I keep UPnP enabled. I wasn't told it was udp or tcp.



      I haven't set UPnP to enabled on my router yet, when I login into dish portal dishanywhere.com, I can see that my receiver is active (green status).



      When I use one of those online portscanner and scan to see if my router to listening on these ports, I get a negative response.



      How does dishanywhere know that my receiver is active?
      Is the receiver sending data packets to dishanywhere server saying that it is alive?



      I can control my DVR from dishanywhere i.e. change channels, set recordings, reboot the receiver. Does this means that the dishanywhere.com site is sending packets to the DVR on some port?



      If yes, How do I find out the port number?



      I want to know if there would be any network security issues?










      share|improve this question














      I have a Dishtv receiver with sling adapter. The receiver is connected to my router.
      The router is a netgear DD-WRT flashed router.



      I was told be a dishtv rep that the router use port 80, 443 and 5678 and recommended that I keep UPnP enabled. I wasn't told it was udp or tcp.



      I haven't set UPnP to enabled on my router yet, when I login into dish portal dishanywhere.com, I can see that my receiver is active (green status).



      When I use one of those online portscanner and scan to see if my router to listening on these ports, I get a negative response.



      How does dishanywhere know that my receiver is active?
      Is the receiver sending data packets to dishanywhere server saying that it is alive?



      I can control my DVR from dishanywhere i.e. change channels, set recordings, reboot the receiver. Does this means that the dishanywhere.com site is sending packets to the DVR on some port?



      If yes, How do I find out the port number?



      I want to know if there would be any network security issues?







      networking firewall home-networking port-forwarding internet-security






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked May 22 '13 at 21:19









      bcdbcd

      61




      61






















          3 Answers
          3






          active

          oldest

          votes


















          0














          UPnP is used to dynamically map exterior ports to interior ports on the go. This is used for NAT from your internal network to the exterior one. It is not really a security risk in itself since the port mappings are only really created when the device from the local network initiates the connection.



          It is most important when you have multiple devices attempting to access the same resources on the same port. UPnP handles this type of situation.



          What dishtv is recommending is that to ensure you don't have any connectivity issues that might arise from your current set up. Your router is smart enough to open up ports for your receiver when it connects out.



          If you're really curious about which ports traffic is travelling on then you can hook up some intermediary device between your receiver and dish to monitor the traffic. You can do this with a hub and a PC running Wireshark. That will show you all the back and forth packets.






          share|improve this answer































            0














            Q1): Yes, Q2): UDP port 1900 Q3): Yes. Buy yourself a second NAT router and place your sling adapter on a DMZ.






            share|improve this answer
























            • hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

              – bcd
              May 22 '13 at 22:06



















            0














            Here is some port info for dish hopper with sling:



            Extended IP access list Dishnet-in



            10 permit icmp any any (2712 matches)
            20 permit udp any any eq domain (227 matches)
            50 permit udp any eq bootpc any (62 matches)
            140 permit udp any any eq 5351 (90 matches)
            160 permit udp any any eq 10102 (39700 matches)
            220 permit tcp any any eq www (452 matches)
            240 permit tcp any any eq 443 (851 matches)
            260 permit tcp any any eq 8443 (332 matches)
            280 permit tcp any any eq 8450 (5020 matches)
            300 permit tcp any any range 1 1023 log (6 matches)
            310 permit tcp any any eq 3074 (424 matches)
            330 permit tcp any any eq 3490 (169 matches)
            350 permit tcp any any range 1024 65535 log (1 match)


            Extended IP access list Dishnet-out



            10 permit icmp any any log (15 matches)
            30 permit udp any eq domain any (227 matches)
            230 permit tcp any eq www any (347 matches)
            250 permit tcp any eq 443 any (905 matches)
            270 permit tcp any eq 8443 any (179 matches)
            290 permit tcp any eq 8450 any (2695 matches)
            330 permit tcp any eq 3074 any (419 matches)
            350 permit tcp any eq 3490 any (168 matches)





            share|improve this answer

























              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "3"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });














              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f598782%2fport-listening-and-home-router-security%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              3 Answers
              3






              active

              oldest

              votes








              3 Answers
              3






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              0














              UPnP is used to dynamically map exterior ports to interior ports on the go. This is used for NAT from your internal network to the exterior one. It is not really a security risk in itself since the port mappings are only really created when the device from the local network initiates the connection.



              It is most important when you have multiple devices attempting to access the same resources on the same port. UPnP handles this type of situation.



              What dishtv is recommending is that to ensure you don't have any connectivity issues that might arise from your current set up. Your router is smart enough to open up ports for your receiver when it connects out.



              If you're really curious about which ports traffic is travelling on then you can hook up some intermediary device between your receiver and dish to monitor the traffic. You can do this with a hub and a PC running Wireshark. That will show you all the back and forth packets.






              share|improve this answer




























                0














                UPnP is used to dynamically map exterior ports to interior ports on the go. This is used for NAT from your internal network to the exterior one. It is not really a security risk in itself since the port mappings are only really created when the device from the local network initiates the connection.



                It is most important when you have multiple devices attempting to access the same resources on the same port. UPnP handles this type of situation.



                What dishtv is recommending is that to ensure you don't have any connectivity issues that might arise from your current set up. Your router is smart enough to open up ports for your receiver when it connects out.



                If you're really curious about which ports traffic is travelling on then you can hook up some intermediary device between your receiver and dish to monitor the traffic. You can do this with a hub and a PC running Wireshark. That will show you all the back and forth packets.






                share|improve this answer


























                  0












                  0








                  0







                  UPnP is used to dynamically map exterior ports to interior ports on the go. This is used for NAT from your internal network to the exterior one. It is not really a security risk in itself since the port mappings are only really created when the device from the local network initiates the connection.



                  It is most important when you have multiple devices attempting to access the same resources on the same port. UPnP handles this type of situation.



                  What dishtv is recommending is that to ensure you don't have any connectivity issues that might arise from your current set up. Your router is smart enough to open up ports for your receiver when it connects out.



                  If you're really curious about which ports traffic is travelling on then you can hook up some intermediary device between your receiver and dish to monitor the traffic. You can do this with a hub and a PC running Wireshark. That will show you all the back and forth packets.






                  share|improve this answer













                  UPnP is used to dynamically map exterior ports to interior ports on the go. This is used for NAT from your internal network to the exterior one. It is not really a security risk in itself since the port mappings are only really created when the device from the local network initiates the connection.



                  It is most important when you have multiple devices attempting to access the same resources on the same port. UPnP handles this type of situation.



                  What dishtv is recommending is that to ensure you don't have any connectivity issues that might arise from your current set up. Your router is smart enough to open up ports for your receiver when it connects out.



                  If you're really curious about which ports traffic is travelling on then you can hook up some intermediary device between your receiver and dish to monitor the traffic. You can do this with a hub and a PC running Wireshark. That will show you all the back and forth packets.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered May 22 '13 at 21:41









                  Will.BeningerWill.Beninger

                  1,354724




                  1,354724

























                      0














                      Q1): Yes, Q2): UDP port 1900 Q3): Yes. Buy yourself a second NAT router and place your sling adapter on a DMZ.






                      share|improve this answer
























                      • hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                        – bcd
                        May 22 '13 at 22:06
















                      0














                      Q1): Yes, Q2): UDP port 1900 Q3): Yes. Buy yourself a second NAT router and place your sling adapter on a DMZ.






                      share|improve this answer
























                      • hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                        – bcd
                        May 22 '13 at 22:06














                      0












                      0








                      0







                      Q1): Yes, Q2): UDP port 1900 Q3): Yes. Buy yourself a second NAT router and place your sling adapter on a DMZ.






                      share|improve this answer













                      Q1): Yes, Q2): UDP port 1900 Q3): Yes. Buy yourself a second NAT router and place your sling adapter on a DMZ.







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered May 22 '13 at 21:44









                      packetspackets

                      633511




                      633511













                      • hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                        – bcd
                        May 22 '13 at 22:06



















                      • hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                        – bcd
                        May 22 '13 at 22:06

















                      hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                      – bcd
                      May 22 '13 at 22:06





                      hmm.. UPnP is disabled on my router.. yet the receiver to dishanywhere works.

                      – bcd
                      May 22 '13 at 22:06











                      0














                      Here is some port info for dish hopper with sling:



                      Extended IP access list Dishnet-in



                      10 permit icmp any any (2712 matches)
                      20 permit udp any any eq domain (227 matches)
                      50 permit udp any eq bootpc any (62 matches)
                      140 permit udp any any eq 5351 (90 matches)
                      160 permit udp any any eq 10102 (39700 matches)
                      220 permit tcp any any eq www (452 matches)
                      240 permit tcp any any eq 443 (851 matches)
                      260 permit tcp any any eq 8443 (332 matches)
                      280 permit tcp any any eq 8450 (5020 matches)
                      300 permit tcp any any range 1 1023 log (6 matches)
                      310 permit tcp any any eq 3074 (424 matches)
                      330 permit tcp any any eq 3490 (169 matches)
                      350 permit tcp any any range 1024 65535 log (1 match)


                      Extended IP access list Dishnet-out



                      10 permit icmp any any log (15 matches)
                      30 permit udp any eq domain any (227 matches)
                      230 permit tcp any eq www any (347 matches)
                      250 permit tcp any eq 443 any (905 matches)
                      270 permit tcp any eq 8443 any (179 matches)
                      290 permit tcp any eq 8450 any (2695 matches)
                      330 permit tcp any eq 3074 any (419 matches)
                      350 permit tcp any eq 3490 any (168 matches)





                      share|improve this answer






























                        0














                        Here is some port info for dish hopper with sling:



                        Extended IP access list Dishnet-in



                        10 permit icmp any any (2712 matches)
                        20 permit udp any any eq domain (227 matches)
                        50 permit udp any eq bootpc any (62 matches)
                        140 permit udp any any eq 5351 (90 matches)
                        160 permit udp any any eq 10102 (39700 matches)
                        220 permit tcp any any eq www (452 matches)
                        240 permit tcp any any eq 443 (851 matches)
                        260 permit tcp any any eq 8443 (332 matches)
                        280 permit tcp any any eq 8450 (5020 matches)
                        300 permit tcp any any range 1 1023 log (6 matches)
                        310 permit tcp any any eq 3074 (424 matches)
                        330 permit tcp any any eq 3490 (169 matches)
                        350 permit tcp any any range 1024 65535 log (1 match)


                        Extended IP access list Dishnet-out



                        10 permit icmp any any log (15 matches)
                        30 permit udp any eq domain any (227 matches)
                        230 permit tcp any eq www any (347 matches)
                        250 permit tcp any eq 443 any (905 matches)
                        270 permit tcp any eq 8443 any (179 matches)
                        290 permit tcp any eq 8450 any (2695 matches)
                        330 permit tcp any eq 3074 any (419 matches)
                        350 permit tcp any eq 3490 any (168 matches)





                        share|improve this answer




























                          0












                          0








                          0







                          Here is some port info for dish hopper with sling:



                          Extended IP access list Dishnet-in



                          10 permit icmp any any (2712 matches)
                          20 permit udp any any eq domain (227 matches)
                          50 permit udp any eq bootpc any (62 matches)
                          140 permit udp any any eq 5351 (90 matches)
                          160 permit udp any any eq 10102 (39700 matches)
                          220 permit tcp any any eq www (452 matches)
                          240 permit tcp any any eq 443 (851 matches)
                          260 permit tcp any any eq 8443 (332 matches)
                          280 permit tcp any any eq 8450 (5020 matches)
                          300 permit tcp any any range 1 1023 log (6 matches)
                          310 permit tcp any any eq 3074 (424 matches)
                          330 permit tcp any any eq 3490 (169 matches)
                          350 permit tcp any any range 1024 65535 log (1 match)


                          Extended IP access list Dishnet-out



                          10 permit icmp any any log (15 matches)
                          30 permit udp any eq domain any (227 matches)
                          230 permit tcp any eq www any (347 matches)
                          250 permit tcp any eq 443 any (905 matches)
                          270 permit tcp any eq 8443 any (179 matches)
                          290 permit tcp any eq 8450 any (2695 matches)
                          330 permit tcp any eq 3074 any (419 matches)
                          350 permit tcp any eq 3490 any (168 matches)





                          share|improve this answer















                          Here is some port info for dish hopper with sling:



                          Extended IP access list Dishnet-in



                          10 permit icmp any any (2712 matches)
                          20 permit udp any any eq domain (227 matches)
                          50 permit udp any eq bootpc any (62 matches)
                          140 permit udp any any eq 5351 (90 matches)
                          160 permit udp any any eq 10102 (39700 matches)
                          220 permit tcp any any eq www (452 matches)
                          240 permit tcp any any eq 443 (851 matches)
                          260 permit tcp any any eq 8443 (332 matches)
                          280 permit tcp any any eq 8450 (5020 matches)
                          300 permit tcp any any range 1 1023 log (6 matches)
                          310 permit tcp any any eq 3074 (424 matches)
                          330 permit tcp any any eq 3490 (169 matches)
                          350 permit tcp any any range 1024 65535 log (1 match)


                          Extended IP access list Dishnet-out



                          10 permit icmp any any log (15 matches)
                          30 permit udp any eq domain any (227 matches)
                          230 permit tcp any eq www any (347 matches)
                          250 permit tcp any eq 443 any (905 matches)
                          270 permit tcp any eq 8443 any (179 matches)
                          290 permit tcp any eq 8450 any (2695 matches)
                          330 permit tcp any eq 3074 any (419 matches)
                          350 permit tcp any eq 3490 any (168 matches)






                          share|improve this answer














                          share|improve this answer



                          share|improve this answer








                          edited Jan 17 at 16:27









                          Glorfindel

                          1,42241220




                          1,42241220










                          answered Jan 17 at 15:00









                          mikemike

                          1




                          1






























                              draft saved

                              draft discarded




















































                              Thanks for contributing an answer to Super User!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function () {
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f598782%2fport-listening-and-home-router-security%23new-answer', 'question_page');
                              }
                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

                              Alcedinidae

                              Origin of the phrase “under your belt”?