The original post: /r/homenetworking by /u/RefrigeratorLanky642 on 2025-03-14 02:06:17.

I recently ran an Nmap scan on my network and found some open and filtered ports on my Virgin Media 3 router. My housemate clicked on a possible phishing link (we already did a factory reset on their device), but I’m still concerned about network security. We have several connected devices, including Alexa, Firestick, PS5, PS4, as well as multiple computers and phones.

Here are the scan results:

bashCopyEditNot shown: 65527 closed tcp ports (reset)
PORT      STATE    SERVICE  
22/tcp    filtered ssh  
23/tcp    filtered telnet  
53/tcp    open     domain  
80/tcp    open     http  
7547/tcp  filtered cwmp  
8080/tcp  filtered http-proxy  
8181/tcp  filtered intermapper  
49152/tcp open     unknown  

I’ve confirmed that my router’s web interface runs on port 80. I’m considering blocking unnecessary ports but need clarification on which firewall rules to apply (inbound vs outbound).

My questions:

1️⃣ Should I block all open/filtered ports in my router’s firewall?

2️⃣ Is there anything else I should do to ensure my network isn’t compromised?

3️⃣ Could a MITM attack or other threats persist even after a factory reset?

4️⃣ What should I do about port 49152 (unknown)?

Any guidance or shared experiences would be greatly appreciated!