Mr Bear Posted March 2, 2017 Share Posted March 2, 2017 I've just set up a new Netgear D1500 router and performed a routine network test on it. It's failing on port 7547 being open to the Internet, and apparently this is commonly used by service providers to allow settings to be updated. But apparently it can also be used for malicious purposes. Is this a security risk? I can't seem to find any way to close that port in the routers settings. Link to comment Share on other sites More sharing options...
ans Posted March 2, 2017 Share Posted March 2, 2017 It's likely baked into the firmware so unless they've released a version that plugs it, you wont be able to close it. Would just blackhole any traffic received on that port to an unused IP outside your DHCP range personally. Dirty fix but would be better than having it open. Link to comment Share on other sites More sharing options...
Mr Bear Posted March 2, 2017 Author Share Posted March 2, 2017 "Would just blackhole any traffic received on that port to an unused IP outside your DHCP range personally." I'm not even sure how I would do that. Some online testing suggests that the port is open but not responding to probes. But it still leaves me feeling a bit uneasy. Maybe it's time for me to grow up and get a proper high-class router. Link to comment Share on other sites More sharing options...
joeyconcrete Posted March 2, 2017 Share Posted March 2, 2017 It's for use with TR-69 which is a method that allows ISPs or other approved parties to reconfigure the router remotely. This probably won't be configured but still active and listening (basically a web service). I'd see if you can disable TR-69 or alternatively just make sure the router firmware is kept up to date. Link to comment Share on other sites More sharing options...
Mr Bear Posted April 15, 2017 Author Share Posted April 15, 2017 I see this is a widespread problem. Should Sure and MT be blocking external access to this port via their service? https://www.wordfence.com/blog/2017/04/check-your-router/ Link to comment Share on other sites More sharing options...
Mr Bear Posted April 15, 2017 Author Share Posted April 15, 2017 To quote from that web page:- "Your ISP should not allow someone from the public internet to connect to your router’s port 7547. Only your ISP should be able to access this port to manage your home router. They have the ability to configure their network to prevent outsiders from accessing that port. Many ISPs do not block public access to port 7547." I can't close that port on my router and it fails the test. Link to comment Share on other sites More sharing options...
Terminal Posted April 15, 2017 Share Posted April 15, 2017 One word = netgear Link to comment Share on other sites More sharing options...
Mr Bear Posted April 16, 2017 Author Share Posted April 16, 2017 I don't think it just affects Netgear equipment though. Link to comment Share on other sites More sharing options...
Mr Bear Posted April 19, 2017 Author Share Posted April 19, 2017 I contacted Sure and asked about it. They sent me the following reply:- Please use https://portforward.com/, This has guides and instructions to open ports on your router. At present Sure do not block any ports. The site linked to has instructions for opening ports on routers, but the one in question is not listed so can't be closed. Any suggestions for ordinary down to earth ADSL routers that I should consider? Link to comment Share on other sites More sharing options...
ballaughbiker Posted April 19, 2017 Share Posted April 19, 2017 Just get a Draytek Clive. One or two ISPs across are starting to insist you use their router and deny you the username and pw for the connection to enforce it. Voda is a prime example and it has cost them a lot of business as a result including mine. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.