We are in the process of setting up a guest network and I am running nmap scans across it to ensure we are blocking traffic to other networks and certain known ports that are highly susceptible to vulnerabilities (SMB, RDP, etc...).
In doing so I can see there are several open ports to the IP address assigned to the controller on that subnet.
Here are the open ports:
17/tcp
21/tcp
22/tcp
80/tcp
443/tcp
1723/tcp
4343/tcp
8080/tcp
8081/tcp
8082/tcp
8088/tcp
Should I deny all access to the controller on the Guest network?
Should I selectively block some ports/services and not others?
Should some of the services listed above be turned off in the controller's configuration? What commands do it?
------------------------------
Thanks,
Job
------------------------------