Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




70 posts

Master Geek


#214749 26-May-2017 12:21
Send private message

Hi...

 

I've noticed that port 8081 on my router is open to the internet. Although it seems to be protected with a Username and Password, I have not set up this access on the router... in fact I have set it up to not allow any incoming 'non-established' traffic. So, where did it come from and how do I turn it off?

 

Hasso


Create new topic
29033 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  #1788696 26-May-2017 12:23
Send private message

It's for TR-069 management. There are no risks in this and you should not disable it.

 

 

 

 




70 posts

Master Geek


  #1788698 26-May-2017 12:34
Send private message

OK... since I don't have the "super admin" password, I don't think I can turn it off in any case... but I am therefore trusting Spark to manage this securely. Based on this article is that trust well founded?

 

http://www.pcworld.com/article/2463480/many-home-routers-supplied-by-isps-can-be-compromised-en-masse-researchers-say.html

 

Perhaps what a friend of mine told me is the way to go..."Put another firewall/router behind it to protect your network and only use the wireless functionality on the Spark provided HG659b for guest wifi.


 
 
 
 


463 posts

Ultimate Geek


  #1788886 26-May-2017 18:47
Send private message

I think last time I checked Shodan about 450,000 NZ IPs had that port open.

3123 posts

Uber Geek

Trusted
Lifetime subscriber

  #1790301 27-May-2017 16:59
Send private message

It's a complete non-issue as @sbiddle said. The TR-069 connection request port is only used to do a HTTP GET to the router and then that makes the router "phone home".

 

The worst that can happen if the username & password was compromised is the router connects back to the ACS and says "this is my configuration".

 

That PC World article is also utter BS and it says so itself

 

"So far Tal and his colleagues at Check Point have investigated vulnerabilities on the server side, but they also plan to investigate possible attack vectors against the TR-069 client implementations on devices."

 

So everyone starts freaking out about the server which is completely unrelated to the client (ie your router) which has no known attack vectors.





and


1466 posts

Uber Geek


  #1790332 27-May-2017 17:46
Send private message

I hope traffic to the ACS is unmetered wink


3123 posts

Uber Geek

Trusted
Lifetime subscriber

  #1790336 27-May-2017 18:01
Send private message

yitz:

I hope traffic to the ACS is unmetered wink


It's not. Get an unlimited plan and the 1mb of data it transferred over the whole month won't count against your cap.




and


6525 posts

Uber Geek

Trusted
Lifetime subscriber

  #1790379 27-May-2017 19:17
Send private message

Scaremongering by a reporter again I see

Linux

 
 
 
 


2157 posts

Uber Geek

Trusted

  #1790405 27-May-2017 22:02
Send private message

ZOMG MY ISP HAS A BACKDOOR TO MY ROUTER!

 

 

 

 

 

 

Edit, oh, i see there's a thread for that here.


Create new topic





Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus completes the build and commissioning of two new core Ethernet switches
Posted 8-Jul-2020 09:48


National Institute for Health Innovation develops treatment app for gambling
Posted 6-Jul-2020 16:25


Nokia 2.3 to be available in New Zealand
Posted 6-Jul-2020 12:30


Menulog change colours as parent company merges with Dutch food delivery service
Posted 2-Jul-2020 07:53


Techweek2020 goes digital to make it easier for Kiwis to connect and learn
Posted 2-Jul-2020 07:48


Catalyst Cloud launches new Solutions Hub to support their kiwi Partners and Customers
Posted 2-Jul-2020 07:44


Microsoft to help New Zealand job seekers acquire new digital skills needed for the COVID-19 economy
Posted 2-Jul-2020 07:41


Hewlett Packard Enterprise introduces new HPE GreenLake cloud services
Posted 24-Jun-2020 08:07


New cloud data protection services from Hewlett Packard Enterprise
Posted 24-Jun-2020 07:58


Hewlett Packard Enterprise unveils HPE Ezmeral, new software portfolio and brand
Posted 24-Jun-2020 07:10


Apple reveals new developer technologies to foster the next generation of apps
Posted 23-Jun-2020 15:30


Poly introduces solutions for Microsoft Teams Rooms
Posted 23-Jun-2020 15:14


Lenovo launches new ThinkPad P Series mobile workstations
Posted 23-Jun-2020 09:17


Lenovo brings Linux certification to ThinkPad and ThinkStation Workstation portfolio
Posted 23-Jun-2020 08:56


Apple introduces new features for iPhone iOS14 and iPadOS 14
Posted 23-Jun-2020 08:28



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.