topic Re: Port 22 is open on scanning in Firewall and Security Management

Port 22 is open on scanning

Oliver_222 — Thu, 29 Jun 2023 15:00:31 GMT

Can you please tell me why when scanning the ports shows that port 22 is open. According to the rules of this port is closed. Connection via telnet does not work.
There is also a log with the message "Connection terminated before detection: Insufficient data passed. To learn more see sk113479."
Could you tell me what could be the problem?

Re: Port 22 is open on scanning

PhoneBoy — Thu, 29 Jun 2023 17:51:01 GMT

Did you read sk113479? It explains this behavior.
Most likely, you have multiple rules that apply to the given destination(s), one or more of which are earlier in the rulebase that requires more than the first packet to match.
To ensure this traffic is blocked on the first packet, you will need a more specific rule earlier in your rulebase (specifically, one that includes the service SSH).

Re: Port 22 is open on scanning

the_rock — Thu, 29 Jun 2023 18:01:44 GMT

That sk is essentially CP's long way of saying "Its NOT our problem" : - )