
Why is Port 53 exposed?

Periodically I do reviews of the firewall configuration.

Recently, I noticed that the UTM was listening on the WAN interface on port 53.

Why is this the case?
This is a security problem and would explain why I've been bombarded with port scans for decades of using the Astaro/Sophos product.



  • This wouldn't take into account the firewall/filtering configured for this service. The only networks allowed to make DNS requests should be listed under Network Services->DNS->Allowed Networks. Mine also shows the system listening on SMTP ports even though the service is disabled. I guess you could always do a port scan to verify the results.
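
One way to do the verification suggested in the reply above, as an added example that is not part of the original thread: send a single DNS query to your own UTM's WAN address from a host outside the allowed networks and classify what comes back. The function names, the result labels and the `example.com` query name are assumptions made for this sketch.

```python
import secrets
import socket
import struct
import sys

def build_query(name="example.com", qtype=1):
    """Build a minimal DNS query (A record, class IN, recursion desired)."""
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", qtype, 1)

def classify(txid, reply):
    """Map a raw reply (or None for a timeout) to a result label."""
    if reply is None:
        return "filtered"      # nothing came back: consistent with a drop rule
    if len(reply) < 12:
        return "malformed"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != txid or not flags & 0x8000:   # wrong ID or QR bit not set
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 0:
        return "answered"      # the resolver served this source address
    return "refused" if rcode == 5 else f"rcode-{rcode}"

def probe_dns(host, port=53, timeout=3.0):
    """Send one UDP DNS query to host:port and classify the outcome."""
    txid, query = build_query()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))   # connected UDP lets ICMP errors surface
        try:
            s.send(query)
            reply = s.recv(512)
        except socket.timeout:
            reply = None
        except ConnectionRefusedError:
            return "closed"    # ICMP port unreachable was returned
    return classify(txid, reply)

if __name__ == "__main__":
    # Usage: python probe_dns.py <your-WAN-address>
    print(probe_dns(sys.argv[1]))
```

A result of "filtered" or "closed" from an outside host, together with "answered" from a host inside the allowed networks, matches the reply's point that a listening socket alone does not show what the filter lets through.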