05-09-2019 10:08 PM
Hi!
Performed a TCP SYN scan on our own Vodafone Ultra Hub router at home from an external source.
The following network ports are reported to be OPEN (responding to TCP SYN packet)
tcp/80
tcp/443
tcp/8080
tcp/8081
The router has firewall enabled.
There are no port mapping added.
All UPnP, Samba and Printer services are disabled.
So there is no reason at all for the above ports responding to TCP SYN.
There does not seem to any web content being exposed externally to the world, but it is still very uncomforting such ports are OPEN by default, especially such ports are common to be attacked.
Is there any way to configure the router to have the above ports externally disabled?
As far as I understand, home routers such as this should not have any ports externally exposed.
If they are necessities, please could anyone enlighten me why they need to be exposed externally by default?
Thank you kindly!
05-09-2019 10:26 PM
Additional to the above post, I should clarify that "external source" above refers to sending TCP SYN packets from a Vodafone mobile connection to the Vodafone UltraHub router at home. (i.e. Both devices are within the Vodafone network)
I should also clarify that the ports (80, 443, 8080 and 8081) are NOT OPEN when the TCP SYN connections are initiated from outside of Vodafone network. So at least this is good news!
13-09-2019 01:47 PM
They are there for Device management. The modems are TR69 enabled and connect back to a server for things like firmware management and remote assistance.
Nothing to worry about, they are secure.
28-03-2020 11:27 PM
Except they aren't secure if you actually try to use those services for remote access to your router because the page is http, not https.
Copyright © Vodafone New Zealand Ltd