Port 21 and 554 open - why?

Question

I've just setup an VS, listering on a specific IPv4 address and HTTPS. Two nodes in the pool. Simple. However, when I scan the IP from outside, nmap also lists tcp port 21 and 554 (rtsp). There is no ftp or rtsp profile connected to the vs.&nbsp;
Why? :)&nbsp;

stanislas_piro2 · Answer

If you create a virtual server on port 443, only packets matching port 443 will mach this VS. a virtual server listen on a specific port, all other ports are not handled by this virtual server.&nbsp;
when you create a virtual server, it create another object named virtual address. Are there multiple virtual servers sharing the same virtual address?&nbsp;
Do you have a firewall in front of BigIP?&nbsp;
if yes, is it configured to allow these ports? is it working as application proxy for these services? &nbsp;
Can you try the same map scan from a host connected on the same subnet as the virtual server address?&nbsp;

ecce · Answer

It was nmap false positive. I've found a few threads describing similar scenarios, like this one: https://hackerific.net/2016/03/20/false-positive-tcp-ports/ &nbsp;

Forum Discussion

Port 21 and 554 open - why?

Recent Discussions

F5 BOT DEFENSE AWAF blocked some legitimate browsers

Advice to partial rename uri path

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Submenus missing in ASM Security Tab

XC Bot defense question

Related Content

ports are showing open on online scanning tool

AppWorld 2024 Call For Speakers open

Why use mgmt port to monitor ?

Share Your Expertise at F5 AppWorld 2025! CFP is now open.

SLA Uptime, Resiliency, and why 100% Uptime can be Misleading

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS