Open Doors on Sys-Whonix

Hello guys!
This is my nmap scan on Disposable-Whonix Vm’s:

9050/tcp - torsocks (ok)
9102/tcp - jetdirect ?

I dont know what is that: “jetdirect” , this is normal in all whonix vm’s?

In sys-whonix i got this:

8082 - blackice-alerts (ok)
9050 - torsocks (ok)
9100 - jetdirect ?
9101 - jetdirect ?
9102 - jetdirect ?
9103 - jetdirect ?
9110 - unknown ?
9111 - DragonIDSConsole ?
9200 - Wap-Wsp ?
9207 - Wap-vcal-s
9220 - unknown ?

How i can remove this services and close this doors on sys-whonix?
Anyone can help?

                                                           - Berkeley

HP Jetdirect is the name of a technology sold by Hewlett-Packard that allows computer printers to be directly attached to a Local Area Network.

SSMP Message protocol

that a ids, it acceptable

WapServ Lite, WapServ Pro and WapServ Enterprise

WAP vCal Secure

config sys-firewall to block all of there and check if thing broken

1 Like

Jet direct is usually a printer driver or a interface to a printer subset. This feature will allow for printing from my experience.

Port assignment attributions are perhaps a contentious topic as there is no guarantee that any traffic on a given port (wild west with no authority overriding it) is actually being used for the purposes of the one party which historically used that port (commonly these days bad actors use the same ports for their traffic to by-pass well meaning filter tech because of a presumption that blindly trusting the idea that only non port 80 or port 443 traffic can be hazardous). Did anyone from Whonix note this thread to comment upon the Whonix project using the same port for a Tor/Whonix purpose? Maybe it’s simply best to indicate that this port has been used by Jet Direct (HP) in the past & is commonly associated with Jet Direct but this is by no means a lock on the topic. Better if someone asked Whonix group to clarify, meanwhile is this unique to Whonix under Qubes?

1 Like

That should be tor itself listening on 9102 + 9050.
You can perform a service scan with nmap -sV