cancel
Showing results for 
Search instead for 
Did you mean: 
Gordon1234
Beginner
547 Views
Message 1 of 8

129 open ports on my HH3

Go to solution

I have recently become more concerned about security.

As part of my checks I have run a port scan on my home hub 3 from the internet side using my phone connected through the phone network and found 129 ports open, or at least responding.

Surely that can't be right.

Anyone else seen this?

HH3 details

Connected to ADSL2+ Broadband package

Software version 4.7.5.1.83.8.94.1.52 (Type A)

Tags (3)
0 Ratings
7 REPLIES 7
Gordon1234
Beginner
520 Views
Message 2 of 8

Re: 129 open ports on my HH3

Go to solution

I have acquired another HH3 and tried it and it's exactly the same.

As well as the 129 ports that respond from the range of common ones, there are hundreds more from therange of  less common ports.

This makes these modem/routers stand out like a beacon on the internet for any hackers out there.

My firewall log shows that my HH is constantly probed with an attempted logins.

With the "backdoor" port at 4567 that gives you a log in if you try browsing to your internet address on this port I am not at all happy.

A new hub or a new ISP is required.

0 Ratings
Distinguished Sage
Distinguished Sage
512 Views
Message 3 of 8

Re: 129 open ports on my HH3

Go to solution

@Gordon1234

You may be misinterpreting the results. as the HH3 has been around a long time now, without any reported issues. The home hub firewall will report many attempts, but they are not getting onto your local network.

This page on my website has some links to suitable sites, and a Microsoft utility which should help.

Checking for open ports

You will need to connected to BT Broadband to access any links I post which are hosted on my website..
If you are connected to BT Broadband, and you cannot access them, then please let me know on this thread. Thanks.

0 Ratings
Gordon1234
Beginner
500 Views
Message 4 of 8

Re: 129 open ports on my HH3

Go to solution
No. I don’t think these probes are getting through but .....

By responding to a port probe on such a scale your presence on the internet is highlighted and although the gates are currently holding out against the battering ram it will eventually give way.

If I’m not using these ports then they should drop requests rather than deny them.

Still not happy.
0 Ratings
Distinguished Sage
Distinguished Sage
490 Views
Message 5 of 8

Re: 129 open ports on my HH3

Go to solution

If your public address ended in 71.14, then I could not see any service ports, or port 4567 when I tested it.

I would expect to get no reply from any of your ports (stealth mode), and this would have been confirmed by the ShieldUp link I gave you.

My webserver runs on port 80, but my Windows firewall will drop any IP addresses that do not originate from the  BT network, with just a couple of exceptions. I get hundreds of such "drops" every hour.

If port 80 was not open on my router, then it would not show on my Windows firewall, but my router firewall would prevent probes reaching my network.

The firewall on the home hub is not going to give out, and the IDS part of the firewall will detect any attempts at malformed packets, and reject them.

I think you are looking for a problem that simply does not exist. The home hub 3 firewall is simply doing its job.

 

 

 

Gordon1234
Beginner
483 Views
Message 6 of 8

Re: 129 open ports on my HH3

Go to solution

That's not my current IP address but I have been swapping over modems during investigations.

I used a port scanner app on my phone and hundreds of ports responded. The same scanner inside my network gets virtually nothing. I'd much rather have my outward facing interface operte in as near stealth mode and my needs permit.

I am perhaps a bit paranoid. I recently set up port forwarding to a server in my house. Within a week it was swarming with log in attempts. Thousands each day in what seemed like a brute force attack. That made me dig a bit deeper into what ports were responding that could be attracting hackers. My HH3 also regularly gets log in attempts.

In theory, the HH3 firewall shouldn't give out but we all know that patches are issued for all kinds of software to correct a flaw that has allowed a breach in its security.

I'm going to do some more digging and will probably end up getting a new modem/router an/or a new ISP.

 

0 Ratings
Gordon1234
Beginner
477 Views
Message 7 of 8

Re: 129 open ports on my HH3

Go to solution

For all interested HH users.

The plot thickens. The Shields Up scan shows no ports responding and all in stealth mode - appart from 4567.

My Network Analyser app from technet shows multiple  ports open. When scanning my servers with known open ports it gives the correct responses.

Something's not quite right. I am going to have to take back my claims that the HH3 advertises itself unnecessarily to the internet until I dig a bit deeper.

 

Thanks for the useful pointers.

0 Ratings
Highlighted
Gordon1234
Beginner
471 Views
Message 8 of 8

Re: 129 open ports on my HH3

Go to solution
I have been chasing a ghost here.
After doing some digging I found this -
“ some cell network providers proxy all network requests so all ports appear open. “

So the network scanner on my phone was showing ports as open because of its proxy.

The only problem remaining is port 4567 which definitely gives access to a login. How secure is this? Could it be cracked?

At least I have found a nice tool - Shields Up.
Tags (3)
0 Ratings