Port 21 and 554 open - why?

Question

I've just setup an VS, listering on a specific IPv4 address and HTTPS. Two nodes in the pool. Simple. However, when I scan the IP from outside, nmap also lists tcp port 21 and 554 (rtsp). There is no ftp or rtsp profile connected to the vs.&nbsp;
Why? :)&nbsp;

stanislas_piro2 · Answer

If you create a virtual server on port 443, only packets matching port 443 will mach this VS. a virtual server listen on a specific port, all other ports are not handled by this virtual server.&nbsp;
when you create a virtual server, it create another object named virtual address. Are there multiple virtual servers sharing the same virtual address?&nbsp;
Do you have a firewall in front of BigIP?&nbsp;
if yes, is it configured to allow these ports? is it working as application proxy for these services? &nbsp;
Can you try the same map scan from a host connected on the same subnet as the virtual server address?&nbsp;

ecce · Answer

It was nmap false positive. I've found a few threads describing similar scenarios, like this one: https://hackerific.net/2016/03/20/false-positive-tcp-ports/ &nbsp;

Forum Discussion

Port 21 and 554 open - why?

2 Replies

Recent Discussions

Transaction looks successful but file not downloading

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

AppWorld 2024 Call For Speakers open

Why We CVE

Why use mgmt port to monitor ?

Fortify HashiCorp Terraform Cloud automation for BIG-IP using Open Policy Agent - OPA

Agility 2020 registration now open!