50 lines
1.5 KiB
Markdown
50 lines
1.5 KiB
Markdown
# Port Scan Results: Home Network (47.197.93.62)
|
|
|
|
**Scan Date:** 2026-01-27 11:08-11:11 CET
|
|
**From:** zurich.inou.com (82.22.36.202)
|
|
**Target:** 47.197.93.62 (Johan's home - St. Petersburg, FL)
|
|
**Scan Type:** Full TCP SYN scan (-sS -sV -O -A -T4 -p-)
|
|
|
|
## Open Ports
|
|
|
|
| Port | State | Service | Version/Details |
|
|
|------|-------|---------|-----------------|
|
|
| 80/tcp | open | http | Caddy httpd |
|
|
| 443/tcp | open | ssl/https | Caddy (TLS) |
|
|
| 2283/tcp | open | http | Node.js Express (likely Immich) |
|
|
| 8123/tcp | open | http | aiohttp 3.13.3 - **Home Assistant** |
|
|
|
|
## Notes
|
|
|
|
- **65,531 ports filtered** (no response) - firewall is working
|
|
- Only 4 ports exposed to internet
|
|
- Home Assistant exposed on 8123 - **potential concern for SOC2**
|
|
- Immich (photo service) on 2283 - publicly accessible
|
|
- Caddy handling web traffic on 80/443
|
|
|
|
## OS Detection
|
|
|
|
- Linux 4.15 - 5.8 (93% confidence)
|
|
- 14 network hops from Zurich
|
|
|
|
## Traceroute
|
|
|
|
Zürich → Munich → Frankfurt → Paris → DC → Atlanta → Miami → Florida
|
|
|
|
## SOC2 Considerations
|
|
|
|
1. **Home Assistant (8123)**: Publicly exposed smart home controller. Consider:
|
|
- VPN-only access
|
|
- Tailscale mesh
|
|
- Strong authentication required
|
|
|
|
2. **Immich (2283)**: Photo service exposed. Review:
|
|
- Authentication requirements
|
|
- Data sensitivity
|
|
|
|
3. **Overall**: Minimal attack surface (only 4 ports). Firewall properly blocking unused ports.
|
|
|
|
---
|
|
|
|
*Full scan output stored on zurich.inou.com:/root/portscan-home-20260127.txt*
|