Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


dvkwong

31 posts

Geek


#181127 3-Oct-2015 13:38
Send private message

Been with Vodafone a little over 6-7 weeks and I am surprised everyday!

Couple of days back 1st Oct somehow the wifi password had been changed mysteriously and today internet was playing up.

So I thought I would do a port check to make sure my internet is secure etc. I used the excellent shields up tool from grc here click common ports https://www.grc.com/x/ne.dll?bh0bkyd2

Was very surprised to find that port 80 and 443 were open! Navigate to my public ip address and can see the router home page omg! 

And then my internet really stopped working but the telephone and Vodafone sky still worked perfectly. Spent a wasted hour on phone with Vodafone technical support turning stuff on and off...cause you know this is the magic cure for all ailments! Anyway after being told there is nothing more they can do and basically to go away and sort it out myself. Anyway 10 minutes after hanging up internet starts working again arrrrrrrrrrghhhhhhhhhh!!

So back to sorting out this port issue and other mysteries, first thing I did was download and upgrade firmware from here HG659-13V100R001C206B019_main.bin http://help.vodafone.co.nz/app/answers/detail/a_id/24400/~/upgrading-the-vodafone-homehub-%28hg659%29-firmware-to-the-latest-version

Previously was on the B009 version I think...

Went smoothly no issues except for admin password changing. Do another port check and surprise the ports are now in stealth mode by default great!

I did read a few posts from Vodafone on forum and Twitter saying having this port open is perfectly safe and secure nothing can go wrong.....closing this means WE can't help you. Yeah right Vodafone support had no idea what they were doing and having access to router made no difference.

Repeat NEVER EVER expose open ports to the internet ESPECIALLY port 80 and 443 to YOUR router unless you know what you are doing! <rant over>

Edit more rant: Changing Admin password disables pasting into password fields another FAIL, however does allow you to paste when logging in so good (I use 1Password). Read here for why disabling pasting is bad http://www.troyhunt.com/2014/05/the-cobra-effect-that-is-disabling.html







Create new topic
yitz
2074 posts

Uber Geek


  #1399352 3-Oct-2015 13:55
Send private message

Did you ever disable the firewall on your previous configuration? Navigating to your public IP address from within your LAN is different to coming in on the WAN side, different firewall rules will apply.

Updated firmware thread - http://www.geekzone.co.nz/forums.asp?forumid=40&topicid=177650 



dvkwong

31 posts

Geek


  #1399355 3-Oct-2015 14:05
Send private message

yitz: Did you ever disable the firewall on your previous configuration? Navigating to your public IP address from within your LAN is different to coming in on the WAN side, different firewall rules will apply.

Updated firmware thread - http://www.geekzone.co.nz/forums.asp?forumid=40&topicid=177650 


The firewall on router is disabled on this and previous configuration. Unfortunately I cannot recall if I tested from WAN so cannot confirm. However the GRC test is external so port 80/443 open would suggest you could still access web interface.

I would be interested to know if others who do have port 80 and 443 open can access there router web page using another internet connection Eg from mobile connection.

Andib
1363 posts

Uber Geek

ID Verified
Trusted

  #1399357 3-Oct-2015 14:31
Send private message

IIRC the HG659 interface is IP restricted to only allow logon from selected Vodafone IPs unlike the HG556a which was open and could be logged into by anyone who has your IP and the default support Username / password.
When I was working at Vodafone, Being able to remotely access router made all of our lives much easier. Try explaining to the average user how to navigate to the router and change the Wifi password!, MUCH easier to do it for the customer.

IMO if you're that concerned about security and your ports being open, an ISP router is not for you and you should get your own that you can manage yourself. For most customers ISP modems work sufficiently and allow ISP reps to help perform tasks that would otherwise confuse end users and take 10x as long to do.


PS your HG659 also likely has ports open for TR-069 wink 

 




<# 
       .DISCLAIMER
       Anything I post is my own and not the views of my past/present/future employer.
#>




dvkwong

31 posts

Geek


  #1399389 3-Oct-2015 15:06
Send private message

Andib: IIRC the HG659 interface is IP restricted to only allow logon from selected Vodafone IPs unlike the HG556a which was open and could be logged into by anyone who has your IP and the default support Username / password.
When I was working at Vodafone, Being able to remotely access router made all of our lives much easier. Try explaining to the average user how to navigate to the router and change the Wifi password!, MUCH easier to do it for the customer.

IMO if you're that concerned about security and your ports being open, an ISP router is not for you and you should get your own that you can manage yourself. For most customers ISP modems work sufficiently and allow ISP reps to help perform tasks that would otherwise confuse end users and take 10x as long to do.


PS your HG659 also likely has ports open for TR-069 wink 

 


So at the expense of making the wifi router user friendly to use, we should instead open every customers router to the internet in the off chance someone wants to change a wifi password. As noted the Vodafone support person I spoke to made no use of this interface. 

IMO I am using a router provided by a global company not some 2 bit outfit, I expect better. The new firmware does tighten security so someone at Vodafone was using their brains.

Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.