I ran nmap on my home network today to see which machines are up without getting up from my desk. I noticed something strange. I own a Dell Axim X5 Pocket PC. It is an old model which did not have a built in wifi. So I bought a chepo D-Link card for it on Ebay. Its a big thing that sticks out of the device, and prevents it from fitting in my pocket, but it works. Today the Pocket PC was sitting in it’s cradle with the card in it and wireless communications enabled.
Nmap found it, identified it as D-Link device, and communicated that port 990 is open. In case you didn’t know 990 is the dedicated ftp over SSL port. I found that strange because I knew for sure there was no server like software running on that pocket toy. I removed it from the cradle, and ran nmap once more. This time all the ports on the device were closed.
It’s odd, but it seems that ActiveSync uses ftps to sync up the files between your computer and the hand held device. I don’t really see why did they set it up this way, especially since the cradle plugs directly into a USB port and they could use a myriad of other network independent protocols to do the sync-up.
Since this protocol uses SSL to encrypt the ftp communication I don’t see it as a big security risk. Still, I find it odd that they would do it this way. Anyone knows what is the justification for syncing data over ftps? I guess this would make sense if they offered some sort of remote sync options, but my device does not have that feature.
[tags]activesync, microsoft, dell, dell axim, axim, axim x5, dlink, wifi, ftps, ssl, ftp[/tags]