Disabling open ports a good idea?

I am running HP JetDirect (HP ETHERNET MULTI-ENVIRONMENT,ROM G.05.34, JETDIRECT,JD30,EEPROM G.05.35) on HP LaserJet 4000N. I did some port scanning and found that it has the following ports open: 23, 80, 515 and 9100. How do I disable ports 23, 80 and 515 from running?

You'll want to think twice before disabling ports 23 and 515. Port 23 is associated with Telnet, so if you disable this port you won't be able to use Telnet any more. Port 80 is associated with HTTP (Web access) so if you disable that port, you won't be able to access any Web sites. 515 is the port associated with TCP-based printing services, so if you close that port, you won't be able to access the printer with TCP/IP.

Port 23 is probably used for remote access and controls, port 80 likewise, so it may interfere with the device's manageability. Port 515 is directly related to printing, so closing that may render it useless (unless you're using a different protocol for network printing, that is). Port 9100 is probably a temporary port opened for some reason or another. Such things show up any time a service connection is established for any kind of TCP service.

As for shutting down ports on a JetDirect interface, check with the HP printer pages for information. It may be better to block these ports at a router or firewall to prevent such traffic from transiting the LAN that the printer is supposed to service. I'm concerned that if you shut them down at the printer itself, it may not work properly.

Contact HP Technical Support for more information on this subject, if you're bound and determined to carry out this course of action.

Good luck!
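
One way to check the firewall approach suggested in the answer above, as an added example that is not part of the original answer or comments: run it from each network segment and compare which of the four ports from the question are reachable with what that segment is meant to reach. The `probe` and `audit` names, the allowed-port policy and the service labels are assumptions made for this example.

```python
import socket
import sys

# Ports found open in the question, labelled as this page describes them.
JETDIRECT_PORTS = {
    23: "Telnet",
    80: "HTTP",
    515: "TCP printing",
    9100: "TCP printing (per reader comment)",
}

def probe(host, port, timeout=2.0):
    """Return 'open', 'closed' (connection refused) or 'filtered'
    (timed out or unreachable, as when a firewall drops the traffic)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:
        return "filtered"
    finally:
        sock.close()

def audit(host, allowed_here, ports=JETDIRECT_PORTS, timeout=2.0):
    """Compare reachability from this vantage point with the intended policy.
    allowed_here: ports this network segment is meant to reach (assumed policy).
    """
    report = []
    for port, service in sorted(ports.items()):
        state = probe(host, port, timeout)
        if state == "open" and port not in allowed_here:
            verdict = "VIOLATION: reachable but not allowed from here"
        elif state != "open" and port in allowed_here:
            verdict = "BROKEN: allowed from here but not reachable"
        else:
            verdict = "ok"
        report.append((port, service, state, verdict))
    return report

if __name__ == "__main__":
    # Usage: python audit.py <printer-address> [allowed-port ...]
    printer = sys.argv[1]
    allowed = {int(p) for p in sys.argv[2:]}
    for port, service, state, verdict in audit(printer, allowed):
        print(f"{port:>5}  {service:<34} {state:<9} {verdict}")
```

A "BROKEN" row is the case the answer warns about: a port that a segment depends on for printing or management has been blocked along with the rest.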

Reader comments:

From Jeremy Hines:
Just to let you know, port 9100 is used by some printing systems for TCP printing. Namely the AS/400 platform will talk to the JetDirect box on port 9100. Hope that helps to clear that up for you (I work in an AS/400 shop).

From Diethard Ohrt:
I would like to add a comment to Ed Tittel's tip dealing with ports and HP JetDirect. This tip was about whether to shut down ports 23, 80, 515 and/or 9100.

I want to add some information about port 9100:
In HP-UX, this is the default port for serial connections via hpnpf(1) (and maybe other utils).
hpnpf can be used to send files to a serial peripheral over TCP.
Port 9100 is also used for the serial port 1 (RS-232) on an X station (terminal); port 9101 is serial 2, 9102 is the parallel port.
This was last published in November 2001

