Does an iPad need a firewall?

1 Comment

2012-08-18 13.36.50We got into a discussion last night about using an iPad on an unsecured WiFi network, like in a Starbucks or in a hotel.  What does the iPad expose to the network?

I’ve run a pretty intense scan against my iPad using Zenmap and found that the following ports are open:

  • 62078 – This is used for synching over WiFI to iTunes.  Disabling WiFi synch closes the port.  There seems to be some security and authentication protocols involved here.
  • 5353 – MDNS. The iPad is listening for devices advertising via the Bonjour (Avahi) protocol.

So, the question is whether the data sent for synching is encrypted and whether the authentication protocol is reasonably strong.  Unfortunately, I have yet to discover anything definitive about this on an Apple site. This whitepaper from Apple indicates that there’s lots of encryption taking place.   (If you can find a link, please add a comment!)

Here’s a link to someone else who’s looked into this.

Here are the raw scan results

Nmap scan report for 192.168.123.109
Host is up (0.0047s latency).
Not shown: 1945 closed ports, 53 filtered ports
PORT      STATE SERVICE      VERSION
62078/tcp open  iphone-sync?
5353/udp  open  mdns         DNS-based service discovery
dns-service-discovery:
62078/tcp apple-mobdev
Address=192.168.123.109 fe80:0:0:0:2a6a:baff:fe07:abc
MAC Address: 28:6A:BA:07:0A:BC (Ieee-sa)
Device type: media device|phone
Running: Apple iOS 4.X|5.X
OS CPE: cpe:/o:apple:iphone_os:4 cpe:/o:apple:iphone_os:5
OS details: Apple iOS 4.4.2 – 5.0.1 (Darwin 11.0.0)
Uptime guess: 25.552 days (since Tue Jul 24 00:07:00 2012)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: Randomized

One Reply to “Does an iPad need a firewall?”

  1. Mr. Steven Can’t you just use wireshark to sinff out what is your ipad is sending to tell if it’s encrypted or no? one thing for sure this article was written before the NSA started spying,

Comments are closed.