NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

mariol66's avatar
mariol66
Aspirant
Jun 21, 2017

Netgear Prosafe FVS336Gv3 Leaving Telnet port 23 open

I am running a PCI Compliance vulnerability check on my network, and I am being flagged for having port 23 Telnet open. I have read that this is closed by default so I'm not sure why it is appearing....
Firmware
Security
Troubleshooting
train_wreck's avatar
train_wreck
Luminary
Jun 22, 2017

If the PCI scan is reporting telnet listening on the LOCAL LAN interface..... nothing you can do. None of the FVS devices allow you to completely disable telnet on the LAN, only on WAN. (it is honestly insane that I am even using the word "telnet" right now, in 2017..... SSH has been around for over 20 years......)

mariol66's avatar
mariol66
Aspirant
Jun 22, 2017

Thanks for the response! This is the exact response I got from the PCI Scanner:

 

For additional information please scroll down. We have denied this dispute based upon manual investigation of this finding. Manual investigation appears to show plaintext logins are possible on this system:

$ telnet 50.xxx.xxx.221 23
Trying 50.xxx.xxx.221...
Connected to 50.xxx.xxx.221.
Escape character is '^]'.

(none) login: Anonymous
Password:

 

 

 

  • train_wreck's avatar
    train_wreck
    Luminary
    Jun 22, 2017

    But you were running the scanner on a computer behind the router, correct? Connected to the LAN ports...

    • mariol66's avatar
      mariol66
      Aspirant
      Jun 23, 2017

      The scanner is run by a company outside our local network. I even run tests from port scanning sites, all telling me Telnet is open as well. 

      • mariol66's avatar
        mariol66
        Aspirant
        Jun 23, 2017

        The scans are being run from outside the LAN. Showing Port 23 open

    • JohnC_V's avatar
      JohnC_V
      NETGEAR Moderator
      Jun 29, 2017

      Hi mariol66,

       

      I checked the port 23 to your network and it is showing that it is online/reachable. For now, you may change the default password of your firewall to avoid security risk. Then please try to login to the firewall via console. We may need to disable the telnet from the CLI of the firewall. Just in case that it is not possible to access it via CLI. Please save/backup a configuration file then reset the firewall to factory default as telnet management is disabled by default.

       

      Here is the CLI manual from SRX5308 but it has the same configuration for the device that you have(page 188).

       

      Regards,

      • mariol66's avatar
        mariol66
        Aspirant
        Jun 30, 2017

        I've never used the CLI interface of a Netgear router prior. What commands do I need to run, and what Windows utility do I need to use to achieve this?

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More