Official Employee
•
304 Messages
Ports blocked on Comcast's network (Answered)
For the protection of the network and our customers, Comcast Business Internet blocks certain ports. Learn which ports are blocked and why.
List of ports that are blocked
The ports listed below are blocked to protect against common viruses and worms, malicious intruders, and other security risks. These ports are blocked to protect our customers and the integrity of the Comcast Network; these blocks cannot be lifted.
| Port | Transport | Protocol | How and why it's blocked |
| 0 | TCP | N / A | Inbound and outbound, blocked by default.
A reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port. |
| 25 | TCP | SMTP | Unsecured and Botnet spammers can use it to send spam. |
| 67 | UDP | BOOTP / DHCP | Used to obtain dynamic Internet Protocol (IP) address information from our dynamic host configuration protocol (DHCP) server, is vulnerable to malicious hacks. |
| 68 | UDP | BOOTP / DHCP |
Inbound only, blocked by default. Used to obtain dynamic Internet protocol (IP) address information from Comcast's dynamic host configuration protocol (DHCP) server that assigns IP addresses to customer computers. DHCP ports can be used for malicious attacks, such as obtaining access to a computer or network and its devices. |
| 110 | TCP | POP3 |
The Post Office Protocol (POP) is a mail protocol used for receiving email. This port is blocked because without SSL enabled, it is not encrypted and leaves customers vulnerable to having their user information and passwords compromised. |
| 135 - 139 | TCP / UDP | NetBIOS | Inbound and outbound, blocked by default.
Allows file sharing over networks. When improperly configured, they can expose critical system files or give full file system access (run, delete, copy) to any malicious intruder connected to the network. |
| 161 - 162 | TCP / UDP | SNMP |
Inbound and outbound, blocked by default. SNMP is vulnerable to reflected amplification distributed denial of service (DDoS) attacks. |
| 445 | TCP | MS - DS - SMB |
Inbound and outbound, blocked by default. Vulnerable to attacks, exploits, and worms (such as Sasser and Ninder). View suggested solutions for Microsoft® Azure files. |
| 520 | TCP / UDP | RIP |
Inbound and outbound, blocked by default. Vulnerable to malicious route updates, which provide several attack possibilities. |
| 547 | UDP | DHCPv6 |
Used to obtain dynamic Internet Protocol (IP) address information from our dynamic host configuration protocol (DHCP) server, is vulnerable to malicious hacks. |
| 1080 | TCP | SOCKS |
Inbound only, blocked by default. Multiple vulnerabilities (viruses, worms, DoS attacks). |
| 1900 | UDP | SSDP |
Vulnerable to DoS attacks. |
If you are a Comcast Business customer using a product that permits running of an SMTP server and require more information or assistance regarding a blocked port, please contact Comcast Customer Security Assurance at (877) 807-6580.
No Responses!