OK, thanks for the replies, ...here is an update.
I ran the full port test at ShieldsUp!! Unfortunately it does not give a report. Despite the results indicating this:
"
Solicited TCP Packets: RECEIVED (FAILED) —
As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection."
...there is in fact no report below.
So kind of useless.
It did identify 9 ports as closed, the rest as stealth (of the 1056 ports examined).
Zoomeye and Shodan had similar looking results. Seemed interesting! Although not entirely clear Zoomeye reported these results (nothing under the Vulnerability tab):
82/HTTP: Must have got a response - it includes some HTTP code (it includes some Chinese characters and some language checking javascript; one of the Chinese strings translated as "Chinese needs to distinguish Simplified and Traditional").
83/HTTP: same (with what looks like identical HTML code)
8080/HTTP: It detected the
Blue Iris server.
Consistent with the above details it reports 3 HTTP services: 2 webcam, 1 unknown.
Product list shows BlueIris and 2 HikVision IP cameras.
Now I am not sure why only two HikVisions are showing since I have 4 ... it might be the way they are networked - two are plugged into a switch that goes to a switch that the Blue Iris sever connects to, so maybe those two aren't being seen outside?
Should/Can I disable the two HikVision cameras from appearing on port 82? Not even sure why they are using that port...I can still login to them locally using their IP (and can connect using the SADP tool).
Actually, all the port forwarding rules on the router related to the 4 HikVision cameras had been turned off, so how can this actually occur? (2 cameras had 3 portforwarding rules each, 1 had 9 and 1 had 15, crazy! that included HTTP rules).
So now I just deleted all those rules in the router and re-tested with no change!!! (I will reset the Rogers Hitron router after I post that to see if it makes a difference.)
I have a Rogers Hitron cable modem (with wifi and router): just that and several switches, no other router.
At my old house the Rogers device was in bridge mode and I used a router running the Shibby Tomato Firmware that was nice ... I used that to only allow specified MAC addresses onto the network, and to not broadcast my SSID.
At the new house the Rogers wifi worked so well I didn't bother with my own router (and the old house router was getting kind of old so would need to be replaced).
Should I go back to bridge mode on the Rogers cable modem and use my own router/wifi? If I do that, it would be a bit of a hassle as now I have to pick a router. And would likely get some kind of mesh wifi (again a hassle to go figure out what is best).
