August 21, 2011

What Ports Are Open On My Router

Erick N. Borgard CCNP


Here is a little trick you can use to find out what ports are open on your Cisco router. Use the show control-plane host open-ports command to see which ports your Cisco router is listening on for connections. This command also shows any connections that are presently established.

Internet_RTR#show control-plane host open-ports 
Active internet connections (servers and established)
Prot        Local Address      Foreign Address                  Service    State
 tcp                 *:23                  *:0                   Telnet   LISTEN
 tcp                 *:23    10.10.10.31:49664                   Telnet ESTABLIS
 udp                 *:67                  *:0            DHCPD Receive   LISTEN
 udp                 *:68                  *:0             BootP client   LISTEN
 udp                *:123                  *:0                      NTP   LISTEN


The output above shows that the router is listening for connections for Telnet, DHCP, BootP and NTP. We can also see that the router has an established Telnet connection from a device at IP address 10.10.10.31, using source port 49664. The connection was established to the router on the standard Telnet port, 23. Using this command can help you harden the router against attacks, because it shows which listening services are exposed and could be disabled if they are not needed.
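
The following is an added example, not part of the original post: a small Python parser for the output above that flags a listening Telnet service, reports established sessions, and lists listeners outside an expected baseline. The ALLOWED baseline and the finding labels are assumptions made for illustration.

```python
import re

# Constructed sample: the command output shown in the post.
SAMPLE = """\
Active internet connections (servers and established)
Prot        Local Address      Foreign Address                  Service    State
 tcp                 *:23                  *:0                   Telnet   LISTEN
 tcp                 *:23    10.10.10.31:49664                   Telnet ESTABLIS
 udp                 *:67                  *:0            DHCPD Receive   LISTEN
 udp                 *:68                  *:0             BootP client   LISTEN
 udp                *:123                  *:0                      NTP   LISTEN
"""

# proto, local addr:port, foreign addr:port, service (may contain spaces), state.
# The state column is truncated in the output, so ESTABLISHED appears as "ESTABLIS".
ROW = re.compile(r"^\s*(tcp|udp)\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(.+?)\s+(LISTEN|ESTABLIS\w*)\s*$")

CLEARTEXT_MGMT = {("tcp", 23)}   # Telnet sends credentials unencrypted
ALLOWED = {("udp", 123)}         # hypothetical baseline: only NTP is expected

def parse_open_ports(text):
    """Return one dict per connection row, skipping banner and header lines."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        proto, _laddr, lport, faddr, fport, service, state = m.groups()
        rows.append({"proto": proto, "port": int(lport), "service": service,
                     "listening": state == "LISTEN",
                     "peer": None if faddr == "*" else f"{faddr}:{fport}"})
    return rows

def audit(rows, allowed=ALLOWED):
    """Return (kind, proto, port, detail) findings for review."""
    findings = []
    for r in rows:
        key = (r["proto"], r["port"])
        if not r["listening"]:
            findings.append(("session", *key, r["peer"]))
        elif key in CLEARTEXT_MGMT:
            findings.append(("cleartext-mgmt", *key, r["service"]))
        elif key not in allowed:
            findings.append(("unexpected", *key, r["service"]))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_open_ports(SAMPLE)):
        print(finding)
```

Saving the command output from each router and running it through a check like this makes it easy to compare listeners against the baseline after configuration changes.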