For security reasons, some network ports are blocked on the Viasat service
A port is a communication endpoint in a network or computer system, and different ports serve as electronic ‘doors’ for different types of traffic. Internet service providers like Viasat routinely block certain ports for a variety of reasons, mostly related to security. Hackers and other cyber criminals are known to exploit certain ports, particularly ones that are little used or otherwise vulnerable.
While most customers won’t be concerned with blocked ports, some more advanced users may wish to know which ports we block and why. We’ve provided this list here with other technical details for those who’d like to know more.
| Port | Protocol | Service | Direction | Reason |
|------|----------|---------|-----------|--------|
| 19 | UDP | Chargen | Inbound / Outbound | This is an antiquated protocol with a very high amplification factor in modern DDoS attacks. The protocol is blocked to prevent clients from being attacked by bots using it. |
| 23 | TCP | Telnet | Inbound / Outbound | Telnet is an unencrypted and insecure remote management protocol. Many Internet of Things devices (IP cameras, smart TVs, etc.) have management ‘back doors’ in them that cannot be closed, opening a vulnerability for attackers to remotely log into these devices. After such a connection is established, the devices are used to conduct outbound attacks against targets on the Internet. For remote management, please use SSH at all times. |
| 53 | TCP & UDP | DNS | Inbound only | DNS is a service that translates host names to IP addresses and is required in order to reach web assets on the Internet. Viasat clients are not authorized to host DNS servers on their home networks since DNS is provided by the ISP. Attackers commonly install rogue DNS servers on victims' systems to route malicious traffic through them. Blocking this service prevents that attack vector. |
| 1900 | UDP | SSDP | Inbound / Outbound | SSDP is a protocol used for the universal sharing of network-enabled assets and is a primary vector for oncoming DDoS attacks. Filtering this port proactively prevents systems from being remotely compromised by malicious worms or intruders. |
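
To see whether a machine you manage is running a service on one of the ports listed above, you can compare its listening sockets against the list. The following is an added example, not Viasat code: it assumes a Linux host with iproute2's `ss`, and the function names and sample output are constructed for illustration.

```python
import subprocess

# Block list transcribed from the table above: (port, transport) -> (service, direction).
BLOCKED = {
    (19, "udp"): ("Chargen", "Inbound / Outbound"),
    (23, "tcp"): ("Telnet", "Inbound / Outbound"),
    (53, "tcp"): ("DNS", "Inbound only"),
    (53, "udp"): ("DNS", "Inbound only"),
    (1900, "udp"): ("SSDP", "Inbound / Outbound"),
}

# Constructed sample of `ss -tuln` output, so the example runs offline.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:1900       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      5      [::]:23            [::]:*
tcp   LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*
"""

def is_loopback(addr):
    # Drop an interface suffix ("%lo") and IPv6 brackets before comparing.
    host = addr.split("%", 1)[0].strip("[]")
    return host.startswith("127.") or host == "::1"

def audit_listeners(ss_output):
    """Return (proto, port, service, direction, loopback_only) per listener on a listed port."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header line or another socket family
        addr, _, port = fields[4].rpartition(":")
        hit = BLOCKED.get((int(port), fields[0])) if port.isdigit() else None
        if hit:
            findings.append((fields[0], int(port), hit[0], hit[1], is_loopback(addr)))
    return findings

def live_ss_output():
    # Assumption: iproute2's `ss` is installed; -tuln lists TCP/UDP listeners numerically.
    return subprocess.run(["ss", "-tuln"], capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    for proto, port, service, direction, local in audit_listeners(SAMPLE_SS):
        scope = "loopback only" if local else "listening on a network interface"
        print(f"{proto}/{port} {service}: blocked {direction}; {scope}")
```

Pass `live_ss_output()` instead of `SAMPLE_SS` to audit the machine the script runs on. A loopback-only listener, such as a local DNS stub resolver on port 53, is not hosting the service for other machines.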