Blocked Internet Ports List

Print
Find out which ports are blocked by XFINITY and Comcast services, and why.

Ports on the internet and like virtual passageways where data can travel. All information on the internet passes through ports to get to and from computers and servers. When a certain port is known to cause vulnerability to the security and privacy of your information, XFINITY blocks it to protect you.

Find the Reasons for Blocking Listed Below

Port Transport Protocol Direction Downstream/ Upstream to CPE Reason for Block IP Version
0 TCP N/A Downstream Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port. IPv4/IPv6
25 TCP SMTP Both Port 25 is unsecured, and Botnet spammers can use it to send spam. This does not affect XFINITY Connect usage. We recommend learning more about configuring your email settings to Comcast email to use port 587. IPv4/IPv6
67 UDP BOOTP, DHCP Downstream UDP Port 67, which is used to obtain dynamic Internet Protocol (IP) address information from our dynamic host configuration protocol (DHCP) server, is vulnerable to malicious hacks. IPv4
135-139 TCP/UDP NetBios Both NetBios services allow file sharing over networks. When improperly configured, ports 135-139 can expose critical system files or give full file system access (run, delete, copy) to any malicious intruder connected to the network. IPv4/IPv6
161 UDP SNMP Both SNMP is vulnerable to reflected amplification distributed denial of service (DDoS) attacks. IPv4/IPv6
445 TCP MS-DS, SMB Both Port 445 is vulnerable to attacks, exploits and malware such as the Sasser and Nimda worms. IPv4/IPv6
520 UDP RIP Both Port 520 is vulnerable to malicious route updates, which provides several attack possibilities. IPv4
547 UDP DHCPv6 Downstream UDP Port 547, which is used to obtain dynamic Internet Protocol (IP) address information from our dynamic host configuration protocol (DHCP) server, is vulnerable to malicious hacks. IPv6
1080 TCP SOCKS Downstream Port 1080 is vulnerable to, among others, viruses, worms and DoS attacks. IPv4/IPv6
1900 UDP SSDP Both Port 1900 is vulnerable to DoS attacks. IPv4/IPv6
Print

Find this article at:

https://www.xfinity.com/support/internet/list-of-blocked-ports/

Was This Article Helpful?

Rate this article on a scale of 1 - 5

Related Articles

Need more help? We're on it.

Find an XFINITY Store or service center near you.