
Forum Discussion

GaACETech
Feb 13, 2021

PCI Requirement - Port 443

Nighthawk AC2300, RS400

 

Friends that own a small shop were notified by the credit card clearing house that they needed to close port 443.

 

There are 3 users and each station has a credit card machine. The stations are plugged into a Netgear switch (which plugs into the router).

 

Will turning off this port 443 cause other issues? Is it possible on the Nighthawk?

 

 

Suggestions?

 

Thanks.

Darryl

 

2 Replies

    • antinode
      Guru

      > Nighthawk AC2300, RS400

       

         Firmware version?  Connected to what?

       

      > [...] they needed to close port 443.

       

         Port 443 normally refers to HTTPS, a "Secure" (encrypted) version of
      HTTP (the communication protocol used by web servers/browsers).
      Presumably, your friends are not (intentionally) running a web server on
      their network.

       

         I don't have an RS400, and the RS400 User Manual is less helpful than
      it might be, so I know nothing, but...

       

         Typical Netgear consumer-grade routers (model Rxxxx, say) have a
      management web site ("routerlogin.net", or whatever) which uses port 80
      (HTTP, not encrypted), and can be accessed only from a system on its
      LAN (where everything is local, so encryption is usually not critical).


         As an _option_ on many models, you can enable a Remote Management
      feature (ADVANCED > Advanced Setup > Remote Management), which enables
      the use of port 443 (HTTPS, "Secure", encrypted) to access it from a
      system in the outside world (where encryption would have more value).

       

         The RS400 is different in that it _normally_ uses HTTPS (port 443)
      for access to its management web site, even from a system on its LAN.
      (Part of its "Cybersecurity"-ness, I assume.)

       

         If the credit-card service is seeing port 443 on the RS400 as "open",
      then my first guess would be that they're seeing this management web
      site.

       

         In my quick look at the RS400 User Manual, I saw nothing about local
      versus remote management, so I don't know if the RS400 has such a
      feature, and, if it does, I also don't know if it can be
      enabled/disabled by the user.

         Lacking any actual knowledge, I'd run a quick experiment: Point a web
      browser on a system in the outside world (yours, for example) at your
      friends' router, using a URL like, say:


            https://<small_shop_IP_address>

       

      and see what happens.  Do you get a user name and password request from
      the RS400, or some other web page, or an error message, or what?

         If you find that you're talking to the RS400 management web site when
      you do that, then there may be things which can be done to disable that
      kind of access in a way which would satisfy the credit-card service.  In
      any case, more information is needed to determine what the credit-card
      service is actually seeing which triggered the complaint.

       


      > You will want to check out this KB [...]

       

         I doubt it.  "Block Services" restricts how local clients can access
      the Internet.  It's unrelated to how outside-world systems can access
      your friends' stuff.
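
The outside-world check suggested in the reply above, as an added example that is not part of the thread or any Netgear tool: it connects to port 443 from outside the shop's network and reports whether the answer is a login prompt, some other web page, an error, or nothing. The function names `probe_https` and `classify` and the sample response are constructed for illustration.

```python
import socket, ssl, sys

def probe_https(host, port=443, timeout=5.0):
    """Run from OUTSIDE the shop's network. Returns (state, first response bytes)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # router admin pages are usually self-signed;
    ctx.verify_mode = ssl.CERT_NONE  # we only want to see who answers
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed", b""
    except OSError:                  # timeout, no route, etc.
        return "no-answer", b""
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            return "open", tls.recv(4096)
    except OSError:                  # ssl.SSLError is a subclass of OSError
        return "not-tls", b""

def classify(state, head):
    """Map a probe result to one of the outcomes the reply asks about."""
    if state != "open":
        return state
    head_text = head.decode("latin-1").split("\r\n\r\n", 1)[0]
    lines = head_text.split("\r\n")
    parts = lines[0].split()
    code = parts[1] if len(parts) > 1 and parts[0].startswith("HTTP/") else ""
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    if code == "401" and "www-authenticate" in headers:
        return "login-prompt"        # user name / password request
    if code[:1] in ("2", "3"):
        return "web-page"            # some page or redirect is served to outsiders
    if code:
        return "http-error-" + code
    return "not-http"

# Constructed sample response (not captured from an RS400).
SAMPLE_401 = (b"HTTP/1.0 401 Unauthorized\r\n"
              b'WWW-Authenticate: Basic realm="constructed-example"\r\n\r\n')

if __name__ == "__main__" and len(sys.argv) > 1:
    state, head = probe_https(sys.argv[1])   # argument: the shop's public IP
    print(classify(state, head))
```

A result of `web-page` still needs a look in a browser, since a management site that uses an HTML login form answers with a normal page rather than a 401.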