# NMAP on Model 3



## bwilson4web (Mar 4, 2019)

Hi,

I just ran a quick NMAP on my Model 3 and got one port:


```
PORT     STATE    SERVICE        VERSION
8002/tcp filtered teradataordbms
MAC Address: 04:4E:AF:D0:4D:A1 (LG Innotek)
```
I've started a more complete scan for both UDP and TCP. Is anyone else looking at network analysis of our Tesla Model 3?

Thanks,
Bob Wilson


----------



## garsh (Apr 4, 2016)

If you wrap that in [ CODE] tags it won't get converted to a smiley face.[/CODE]


----------



## JML (Jul 26, 2018)

That was one of the first things I did when I got the car. I didn't find anything interesting, but maybe you'll have better luck.

As far as I can tell, the car only has two connections going out, and both are into the Amazon AWS cloud. In the past I've been told that the car creates an OpenVPN connection back to Tesla. These are both TCP on port 443, which aren't standard for OpenVPN, but certainly doable. My guess is that the car is using a different VPN which is designed to run over TCP on port 443.


```
ipv4     2 tcp      6 7414 ESTABLISHED src=192.168.1.9 dst=35.165.243.194 sport=33463 dport=443 packets=133 bytes=41701 src=35.165.243.194 dst=my.external.ip sport=443 dport=33463 packets=121 bytes=38159 [ASSURED] mark=0 zone=0 use=2
ipv4     2 tcp      6 7414 ESTABLISHED src=192.168.1.9 dst=52.88.210.161 sport=60448 dport=443 packets=154 bytes=159299 src=52.88.210.161 dst=my.external.ip sport=443 dport=60448 packets=96 bytes=8531 [ASSURED] mark=0 zone=0 use=2
```


----------



## bwilson4web (Mar 4, 2019)

JML said:


> In the past I've been told that the car creates an OpenVPN connection back to Tesla. These are both TCP on port 443, which aren't standard for OpenVPN, but certainly doable. My guess is that the car is using a different VPN which is designed to run over TCP on port 443.


This makes sense. Well encrypted, it would be a barrier to ordinary tcpdump/wireshark. Now if you could somehow get the PGP key into wireshark.

I had considered using a linux laptop to get some traffic metrics and samples.

Bob Wilson


----------



## Frully (Aug 30, 2018)

I had suspected as much for the VPN - all the websites that I usually visit from .ca addresses auto-forward to their 'murrica counterparts. Super frustrating as I don't speak Freedom Eagle.


----------



## Quantum (Mar 23, 2020)

Tesla has moved from OpenVPN to websocket, and soon will disable OpenVPN altogether. (-forcing- upgrade if you choose to communicate with the Mothership, which I don't)


----------



## dburkland (Nov 12, 2018)

Quantum said:


> Tesla has moved from OpenVPN to websocket, and soon will disable OpenVPN altogether. (-forcing- upgrade if you choose to communicate with the Mothership, which I don't)


Interesting, do you have a source for this change?


----------

