The ports listed below are blocked to protect against common viruses and worms, malicious intruders, and other security risks.
These ports are blocked to protect our customers and the integrity of the Comcast Network; these blocks cannot be lifted.
| Port | Transport | Protocol | How and why it's blocked |
|---|---|---|---|
| 0 | TCP | N/A |
Inbound and outbound, blocked by default. Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port. |
| 68 | UDP | BOOTP/DHCP |
Inbound only, blocked by default. Used to obtain dynamic Internet protocol (IP) address information from Comcast's dynamic host configuration protocol (DHCP) server that assigns IP addresses to customer computers. DHCP ports can be used for malicious attacks, such as obtaining access to a computer or network and its devices. |
| 135 -139 |
TCP/UDP | NetBIOS |
Inbound and outbound, blocked by default. Allows file sharing over networks. When improperly configured, they can expose critical system files or give full file system access (run, delete, copy) to any malicious intruder connected to the network. |
| 161 -162 |
TCP/UDP | SNMP |
Inbound and outbound, blocked by default. SNMP is vulnerable to reflected amplification distributed denial of service (DDoS) attacks. |
| 445 | TCP | MS-DS-SMB |
Inbound and outbound, blocked by default. Security risks; vulnerable to attacks, exploits, and worms (such as Sasser and Ninder). |
| 520 | TCP/UDP | RIP |
Inbound and outbound, blocked by default. Vulnerable to malicious route updates, which provide several attack possibilities. |
| 1080 | TCP | SOCKS |
Inbound only, blocked by default. Multiple vulnerabilities (viruses, worms, DoS attacks). |
In very rare situations, port 25 will be blocked by Comcast Customer Security Assurance on a per customer basis (blocked at the modem) and not across the network. This block will be preceded by an email and letters to the billing address. In this case, you can use secured port 587 for sending email.
If you are running a mail server please contact Comcast Customer Security Assurance at 1-877-807-6580 for more information on this block.
| Port | Transport | Protocol | How and why it's blocked |
|---|---|---|---|
| 25 | TCP | SMTP |
Inbound and outbound, not blocked by default. We may apply a sending block, which will prevent email programs or clients (e.g., Outlook Express) from sending email. An unsecured port that can be used to send spam. Customers may be advised by our Security Assurance team to switch their modem connection to a secured port that requires authentication (such as port 587). |
CarlStreet
New Member
•
2 Messages
4 years ago
Port 21 Blocked Comcast Business NOT Xfinity Repeat NOT Xfnity
Does NOT allow FTP
Have been working on this for over a weekl
0
0
Comcast_JosephA
Official Employee
•
272 Messages
4 years ago
Hello, @CarlStreet, please click on my name and use the send message option to send a private message. If you can include your name, account number, and service address we can take a closer look. Most of the time Port Forwarding issues are past our demarcation for support but we will always do all we can.
0
0
CarlStreet
New Member
•
2 Messages
4 years ago
Hello, @CarlStreet , please click on my name and use the send message option to send a private message.
1. " please click on my name" -- Did so
2. "use the send message option to send a private message." -- HUH?? There is NO Send Message Option
This is what I See -- NO Private Message Option
0
0
CC_RobertC
Problem solver
•
144 Messages
4 years ago
Hi there! I'd be glad to ensure that this gets looked into further. Please click on my handle (ComcastRob) and send a private message with your name, the complete service address (including city, state, ZIP, suite number, etc), and the phone or account number, and any pertinent details-- like the ticket number(s)-- so we can help. @CarlStreet
0
0