Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




70 posts

Master Geek


# 214749 26-May-2017 12:21
Send private message

Hi...

 

I've noticed that port 8081 on my router is open to the internet. Although it seems to be protected with a Username and Password, I have not set up this access on the router... in fact I have set it up to not allow any incoming 'non-established' traffic. So, where did it come from and how do I turn it off?

 

Hasso


Create new topic
28126 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1788696 26-May-2017 12:23
One person supports this post
Send private message

It's for TR-069 management. There are no risks in this and you should not disable it.

 

 

 

 




70 posts

Master Geek


  # 1788698 26-May-2017 12:34
Send private message

OK... since I don't have the "super admin" password, I don't think I can turn it off in any case... but I am therefore trusting Spark to manage this securely. Based on this article is that trust well founded?

 

http://www.pcworld.com/article/2463480/many-home-routers-supplied-by-isps-can-be-compromised-en-masse-researchers-say.html

 

Perhaps what a friend of mine told me is the way to go..."Put another firewall/router behind it to protect your network and only use the wireless functionality on the Spark provided HG659b for guest wifi.


 
 
 
 


463 posts

Ultimate Geek


  # 1788886 26-May-2017 18:47
Send private message

I think last time I checked Shodan about 450,000 NZ IPs had that port open.

2779 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1790301 27-May-2017 16:59
Send private message

It's a complete non-issue as @sbiddle said. The TR-069 connection request port is only used to do a HTTP GET to the router and then that makes the router "phone home".

 

The worst that can happen if the username & password was compromised is the router connects back to the ACS and says "this is my configuration".

 

That PC World article is also utter BS and it says so itself

 

"So far Tal and his colleagues at Check Point have investigated vulnerabilities on the server side, but they also plan to investigate possible attack vectors against the TR-069 client implementations on devices."

 

So everyone starts freaking out about the server which is completely unrelated to the client (ie your router) which has no known attack vectors.






1374 posts

Uber Geek


  # 1790332 27-May-2017 17:46
Send private message

I hope traffic to the ACS is unmetered wink


2779 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1790336 27-May-2017 18:01
Send private message

yitz:

I hope traffic to the ACS is unmetered wink


It's not. Get an unlimited plan and the 1mb of data it transferred over the whole month won't count against your cap.





5130 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1790379 27-May-2017 19:17
One person supports this post
Send private message

Scaremongering by a reporter again I see

Linux

 
 
 
 


1878 posts

Uber Geek


  # 1790405 27-May-2017 22:02
Send private message

ZOMG MY ISP HAS A BACKDOOR TO MY ROUTER!

 

 

 

 

 

 

Edit, oh, i see there's a thread for that here.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01


Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46


Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29


Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41


Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26


University of Waikato launches space for esports
Posted 19-Aug-2019 20:20


D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14


Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47


Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41


Epson launches portable laser projector
Posted 12-Aug-2019 20:27


Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20


Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26


The Document Foundation announces LibreOffice 6.3
Posted 9-Aug-2019 16:57


Symantec sell enterprise security assets for US$ 10.7 billion to Broadcom
Posted 9-Aug-2019 16:43


Artificial tongue can distinguish whisky and identify counterfeits
Posted 8-Aug-2019 20:20



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.