Vulnerability Scan - Port 23 Open
2013-06-05
12:25 PM
Vulnerability Scan - Port 23 Open
According to the manual, the default Inbound rule is Block All; however, when I ran an Nmap TCP Connect Scan against the WAN IP, I was shocked to see some ports open. Does this mean that PCs in the same subnet can connect to my router?
Here's the result of the scan on WAN IP:
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
81/tcp open hosts2-ns
443/tcp open https
Now here's the result of the scan on the router's private IP that I assigned:
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
81/tcp open hosts2-ns
140/tcp filtered unknown
443/tcp open https
Then, I created a new Inbound rule to block access to Port 23 and the scan on WAN IP result is as follows:
PORT STATE SERVICE
23/tcp filtered telnet
80/tcp open http
81/tcp open hosts2-ns
443/tcp open https
Thanks for your help.
Message 1 of 6
2013-06-05
01:01 PM
Re: Vulnerability Scan - Port 23 Open
I forgot to mention the model number and firmware version:
System Name: FVG318_NETGEAR
Firmware Version: v2.1.2-67N
Message 2 of 6
2013-06-05
02:26 PM
Re: Vulnerability Scan - Port 23 Open
Where was the machine running the scan PHYSICALLY connected? If you scan the WAN IP address whilst physically connected to the LAN side of the firewall, you will get erroneous results.
Message 3 of 6
2013-06-05
03:27 PM
Re: Vulnerability Scan - Port 23 Open
Go to GRC.com and run shieldsup
Message 4 of 6
2013-06-06
10:26 PM
Re: Vulnerability Scan - Port 23 Open
Thanks, guys!
I'll run another set of tests. I'll keep you posted.
Message 5 of 6
2013-06-09
09:18 AM
Re: Vulnerability Scan - Port 23 Open
I ran another isolated test (not from the LAN side) and the result is the same. Standard port scanning will show no ports are open, but when a TCP connect scan was performed, ports 23, 443, 80 showed as open.
The worst part was I can telnet and access the Web administration page from the WAN side, which makes it vulnerable to exploit.
Here's the same issue with another Netgear product:
http://www.cvedetails.com/cve/CVE-2012-2439/
I have to create an inbound rule to block incoming traffic for ports 23, 443, and 80 as a workaround.
I hope this will be addressed soon.
Message 6 of 6
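An added example, not part of any post in this thread: a small Python check that parses the Nmap port tables quoted in the first post, reports what the new inbound rule changed, and lists the management ports still open on the WAN. The function names and the `MGMT_PORTS` set are assumptions made for illustration.

```python
# Constructed from the scan tables quoted in the first post of this thread.
WAN_BEFORE = """\
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
81/tcp open hosts2-ns
443/tcp open https
"""
WAN_AFTER_RULE = """\
PORT STATE SERVICE
23/tcp filtered telnet
80/tcp open http
81/tcp open hosts2-ns
443/tcp open https
"""
# Assumption: ports treated as router management (telnet and web admin, per the thread).
MGMT_PORTS = {23, 80, 443}

def parse_nmap_table(text):
    """Return {(port, proto): state} from the PORT/STATE/SERVICE rows of Nmap output."""
    results = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[0]:
            continue  # header, blank line, or other non-port text
        port, _, proto = fields[0].partition("/")
        if port.isdigit():
            results[(int(port), proto)] = fields[1]
    return results

def diff_scans(before, after):
    """List (port, proto, old_state, new_state) for every port whose state changed."""
    changes = []
    for key in sorted(set(before) | set(after)):
        old, new = before.get(key, "absent"), after.get(key, "absent")
        if old != new:
            changes.append((key[0], key[1], old, new))
    return changes

def exposed_mgmt(scan):
    """Management ports still reported open ('open|filtered' is counted as exposed)."""
    return sorted(p for (p, proto), s in scan.items()
                  if p in MGMT_PORTS and s.startswith("open"))

if __name__ == "__main__":
    before, after = parse_nmap_table(WAN_BEFORE), parse_nmap_table(WAN_AFTER_RULE)
    print("changed:", diff_scans(before, after))
    print("management ports still open on WAN:", exposed_mgmt(after))
```

Run against the quoted tables, it shows that the port 23 rule changed only telnet, while the web administration ports 80 and 443 were still open on the WAN at that point.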