IP-STB Network Services
Open Ports
There are no listening network services running on the IP-STB by default
(UDP or TCP). Only outbound connections are used. This means there are no
"open ports" vulnerable for attack.
However, there are a few exeptions to this rule:
- The boot image included in the "Evaluation Kit" has logging enabled. This
means that TCP port 19999 is open (the port number used is configurable).
- It is possible to include a ssh server when building a boot image with the
xDK's. This will listen to the standard ssh port, TCP port 22.
- It is possible to include a telnet server when building a boot image with
the xDK's. This will listen to the standard telnet port, TCP port 23.
- Third party developers may include any type of network services when
building boot images.
Port Scanning
As stated above, there are typically no open ports on the IP-STB. However,
the Linux kernel used implements ICMP error message rate limiting as specified
in RFC 1812. This can confuse port scanners, and cause them to falsely state
that open ports are found.