Why is port tcp/81 open and listening on my MX devices on the inside interface?
Been doing some vulnerability scanning and it came back that all of our 6 MX devices are listening and responding on tcp/81 on the inside interface. I go to the IP of the MX internally on port 81 in a browser and get a 404:
The requested URL / was not found on this server.
Does it on my MX64 at home as well, checked another MX100....tcp/81 all open and giving 404. Same error on all of them. None of these devices have port 81 open on the firewall to anything. Some don't have any incoming ports open.
Called into support and they said it will listen on all ports and reply. Not true since I can go to a browser and put in port anything and get nothing. It's just tcp/81.
Interesting one... I did some digging and looks like it might be where an icon was once stored. The root for my MX on port 81 seems to redirect to http://<MX IP Address>:81/favicon.ico - and throws the 404 error. Maybe someone at Meraki can explain this one, or close the port if it's no longer used.
This is one of a few issues I found out with equipment.
Amongst things like hosts in VLANs being able to ping the gateways of other VLANs (which to me is a security issue in itself even though according to support it is built to be like this - cannot think of a reason why, even when you have firewall rules saying not to allow it), you can also get to port 80 of all these VLANs, which is also a non-secure protocol that is automatically open.