Total Pageviews to our blog

Sunday, 29 April 2012

BT Homehub V 3 Open ports 161 and 4567 stealthed

We would like to thank the original author of this review at www.punj.co.uk for granting us permission to publish this  particular blog content. The original contents of the review can be found at http://www.punj.co.uk/

On this page we are going to discuss why the BT Home Hub V3 is shipped with open ports




On our previous blog we discussed using OpenDNS with BT Broadband and the BT home hub. We still congratulate BT for providing their customers with a great home wireless router but like most people we cannot understand why they supply their router shipped with open ports.
It is now confirmed that the current BT Home Hub v3 is supplied with ports 161 and in some cases 4567 permanently open and not closed. We are also going to provide our readers a simple fix to stealth these open ports. 
Further the BT Hub Manager settings do not allow these ports to be further configured or turned off.

There is a lot of discussion at the BT Care Community Forums at
http://community.bt.com/t5/Other-BB-Queries/port-161-open-on-home-hub-3/td-p/133207
With people asking this very same question and the response from BT. 

You can check to see if your firewall or router has open ports by visiting the Gibson Research Corporation port scanning service called ShieldsUp. This can be found by following this link
https://www.grc.com/x/ne.dll?bh0bkyd2


The image below shows our test BT Home Hub V3 with port 161 open.


We would agree with the Gibson Research Corporation comments regarding port 161 and why open ports are vunerable to hack attacks.


“Most users will not be exposed to SNMP (nor will they ever find port 161 open) unless some piece of their networking equipment has an active and open SNMP service port. If our port analysis ever shows that a router (for example) or other network device exposed to the Internet has its SNMP interface open you will want to arrange to disable and close that port immediately. Malicious hackers know that some consumer networking equipment has been shipped with exposed SNMP ports and with default access passwords. Therefore, it would not be at all unlikely that such a router or other equipment would be quickly discovered and exploited. Malicious hackers would find this amusing, but you would probably not”
  
You can read the Gibson Research Corporation full description of port 161 at
http://www.grc.com/port_161.htm

Port 4567 is explained at
http://www.grc.com/port_4567.htm

How to temporarily fix and stealth open ports 161 & 4567

OK now how can we stealth these open ports. Well it’s really up to BT to provide a permanent fix with an updated firmware to fully secure these open ports. As BT currently leave these ports open we can carry out a temporary solution in stealthing these open ports.

In brief we are going to access the BT Home Hub manager settings and use the port forwarding settings to route these open ports to an unused IP address on our network. 
We must ensure that this IP address is not or ever used for any device on our Lan network.

Well here is the simple fix. 

  1.  Login to your BT Home HUB  manager settings at 192.168.1.254.  
  2. Select “'Settings”. then 
  3. Select ‘Advanced Settings'. then 
  4. Select 'Port Forwarding'. 
  5. In 'Device’, select 'User-defined IP' and enter an unused IP address eg 192.168.1.250.  (Must be unique and not to be used by any device on the network). 
  6. Now Click 'Add' and 'Assign' and then 'Apply'  
  7.  In this same screen, click 'Supported applications'.  
  8.  Now add a new application. Name this as  SNMP/TRAM. This will represent the two protocols ports 161 & 4567.  
  9.  Set 'Protocol' to 'Any'.
  •  In all the boxes labelled 'Port Range' and 'Translate to', enter 161 then Click 'Add' 
      •  In all the boxes labelled 'Port Range' and 'Translate to', enter 4567.then Click 'Add'. 
        • Now Click 'Apply' to save and apply the new changes.
          Now if you go to
          https://www.grc.com/x/ne.dll?bh0bkyd2

          and try the Gibson Research Corporation port scanning service called ShieldsUp this should show the previously open ports as now stealthed.


          So to re-cap what we have done is used the port forwarding settings to route these ports to a unique unused IP address within our network which doesn’t exist. When the port scanner now tries to communicate with these ports to the non-existing IP address it can’t because the IP address has no device to communicate with.

          Finally it’s really up to BT to provide a permanent fix with an updated firmware to fully secure these open ports. The port forwarding solution above is only a temporary solution in stealthing these open ports.

          We hope you have enjoyed our latest tip and if you wish to discuss this further then please leave your comments and suggestions below.

          punj
          Posted by at 15 comments:
          Subscribe to: Posts (Atom)