0

enter image description hereSince several days ago I've noticed a strange behaviour on my router. On router logs , in Port forwarding section I've noticed a Port forward to one of my PC. ( this has happening to different PC in different time ). On my router Options , Por t forward is DISABLED.
The line on the log file contain a PORT RANGE that is different every time , and a Local Port that is always 7070.
I've checked the local port (7070) with :

netstat -ano | findstr "7070"

and the proces that is listening on that port is Anydesk. ( Is always Anydesk in other PC where i've noticed this behaviour ) I've checked also the PORT RANGE on websites that test open ports , and they says that the port is open.

If i restart the router , the line on log file dissapear and the port result closed.But this situation has repeated several times with the same behaviour but on diferent PC.

How this can be possible , because as i said the option Port Forward on my router is set to disabled.

Improve this question
13
  • How would AnyDesk connect if it cannot use its port?
    – anon
    Commented Jun 4 at 23:36
  • @John Anydesk works even when there are no port forward on my router logs. But time to time on Router log appear a port forward configured as i've described. But as i said Port forward option on my router is DISABLED. How this port forward is configured?
    – alex
    Commented Jun 4 at 23:39
  • 1
    Sounds like AnyDesk is using UPNP to dynamically config the port forwarding it needs. see if you router has any config settings for UPNP; perhaps you can disable it there.
    – Frank Thomas
    Commented Jun 4 at 23:40
  • 1
    support.anydesk.com/knowledge/firewall ...... AnyDesk clients use the TCP-Ports 80, 443, and 6568 to establish connections. It is however sufficient if just one of these is opened. AnyDesk’s “Discovery” feature uses a free port in the range of 50001–50003 and the IP 239.255.102.18 as default values for communication.
    – anon
    Commented Jun 4 at 23:51
  • @FrankThomas UPNP is disabled on router.
    – alex
    Commented Jun 5 at 0:09

1 Answer 1

Reset to default
1

You need port forward for someone else to connect into your network, unless you have seriously restrictive firewall rules that deny any explicitly not allowed incoming connections. Most common routers are essentially linux or a Realtime OS running a stateful firewall. If your PC's initiating the connection, the router or firewall is going to let it through, unless the port is explicitly blocked.

A lot of remote desktop software that relies on an external service will initiate the connection from the system you are remoting to, and use a external server to either proxy the connection, or broker the connection between PCs. You're not always going to have an end user with the knowledge, or access to open up a port for you to run remote access on, and this is a simpler solution.

If you're not explicitly using anydesk - its commonly used by scammers. Your problem isn't that anydesk's bypassing your firewall (Its designed to!), its that one of your systems might be compromised.

In theory, on a better firewall or consumer router, you could specifically block that service - but at the risk of sounding alarmist, it sounds like one or more of your systems is compromised, and you might need to act accordingly.

Improve this answer
9
  • Yes , i'm afraid that a malware can do this ? So on my router Port Forward is Disabled , and i have an open port showed by router logs . So how this can be possible ?
    – alex
    Commented Jun 5 at 0:34
  • Do a full Online AND Offline scan with Windows Defender
    – anon
    Commented Jun 5 at 0:43
  • @John I have Norton Deluxe , a scan is made by default every some hours.
    – alex
    Commented Jun 5 at 0:51
  • An Offline scan may do a better job. Restart required.
    – anon
    Commented Jun 5 at 0:55
  • 1
    I'm interpreting it as the connection was started on another port, and is connected over port 7070 - which feels like a fairly normal thing. To me, at this point, the important thing is working out why and how anydesk is there
    – Journeyman Geek
    Commented Jun 5 at 1:22

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .