Reply
Beginner
microwave
Posts: 1
Registered: ‎24-02-2011

port 161 open on home hub 3

Hi,

 

I have just had BT Infinity installed with the new Home Hub 3 and I decided to check if things were as secure as they were before with ADSL and the original HH 1.  Everything seems okay apart from port 161 (SNMP) which is open to the WAN.  It never was before and the advice I have found suggests that I should close it ASAP.  However I cannot see any way of doing that nor can I find any reason for it being open.

 

Can anyone help?

 

Thanks.

 

3. Firmware version:Software version 4.7.5.1.83.8.45 (Type A)
4. Board version:BT Home Hub 3.0A
MrP
Aspiring Expert
MrP
Posts: 119
Registered: ‎17-02-2011
0

Re: port 161 open on home hub 3

Firmware updates for the HH3 are pushed out automatically in the background - is SNMP (port 161) required for this?

 

(Mine updated last night. I hadn't even realised until I happened to check the uptime and usage stats on the HH3 - the HH3 had been restarted.)

Expert
infinidim
Posts: 458
Registered: ‎09-03-2010
0

Re: port 161 open on home hub 3

Last Saturday my hub try to update but failed. :smileymad:

 

I raised the issue with the BT Retail Helpdesk in India and they said it should have updated on Monday, Tuesday or Wednesday night which it didn't......:smileymad::smileymad:

 

About to India again today so lets see what happens now....:smileywink:

Infinidim
Megadodo Publications
Ursa Minor Beta

If you want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side
If the the reply answers your question then please mark as ’Mark as Accepted Solution’
Newbie
chromedome
Posts: 1
Registered: ‎14-03-2011

Re: port 161 open on home hub 3

I received this today from BT -

 

" would like to inform you that port 161 is open to make the BT Home Hub better for the gaming environment and to make the transmission faster, as the port 161 related to SNMP protocol and it makes the transmission faster."

Expert
FloFosterJenkins
Posts: 844
Registered: ‎11-10-2010

Re: port 161 open on home hub 3

 


chromedome wrote:

I received this today from BT -

 

" would like to inform you that port 161 is open to make the BT Home Hub better for the gaming environment and to make the transmission faster, as the port 161 related to SNMP protocol and it makes the transmission faster."


 

Steve Gibson wouldn't like that would he?

 

Most users will not be exposed to SNMP (nor will they ever find port 161 open) unless some piece of their networking equipment has an active and open SNMP service port. If our port analysis ever shows that a router (for example) or other network device exposed to the Internet has its SNMP interface open you will want to arrange to disable and close that port immediately. Malicious hackers know that some consumer networking equipment has been shipped with exposed SNMP ports and with default access passwords. Therefore, it would not be at all unlikely that such a router or other equipment would be quickly discovered and exploited. Malicious hackers would find this amusing, but you would probably not.

Distinguished Guru
DS
Posts: 7,684
Registered: ‎27-01-2010

Re: port 161 open on home hub 3

 


FloFosterJenkins wrote:

 


chromedome wrote:

I received this today from BT -

 

" would like to inform you that port 161 is open to make the BT Home Hub better for the gaming environment and to make the transmission faster, as the port 161 related to SNMP protocol and it makes the transmission faster."


 

Steve Gibson wouldn't like that would he?

 

Most users will not be exposed to SNMP (nor will they ever find port 161 open) unless some piece of their networking equipment has an active and open SNMP service port. If our port analysis ever shows that a router (for example) or other network device exposed to the Internet has its SNMP interface open you will want to arrange to disable and close that port immediately. Malicious hackers know that some consumer networking equipment has been shipped with exposed SNMP ports and with default access passwords. Therefore, it would not be at all unlikely that such a router or other equipment would be quickly discovered and exploited. Malicious hackers would find this amusing, but you would probably not.


 

Hi Flo

 

Hmm, it's got me thinking, so what IS the actual reason...

(answers on a post card?)

 

It doesn't sound good, maybe BT'll put our minds at ease - in easy to understand english...

 

Anyway, further reading

http://isc1.sans.org/port.html?port=161

http://www.speedguide.net/port.php?port=161

http://www.auditmypc.com/port/udp-port-161.asp

http://www.faqs.org/rfcs/rfc1157.html

http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol

http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#Protocol_details

http://www.networkdictionary.com/howto/SNMPNetworkMonitoringSystem.php

 

:smileysad:Correct me IF I'm wrong but SNMP is a monitoring protocol and has nothing whatsoever to do with gaming...

 

 

 

 

 

-+-No longer a forum member-+-
Moderator
CraigS
Posts: 3,049
Registered: ‎28-01-2010

Re: port 161 open on home hub 3

Greetings all,

 

TBH this is news to me but I'll do so digging and see what I can find out for you :smileyhappy:

 

ta

 

Craig

BTCare Community Mod

If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.

We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-)”
td-p/30">Ratings star on the left-hand side of the post.

If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.
Expert
FloFosterJenkins
Posts: 844
Registered: ‎11-10-2010

Re: port 161 open on home hub 3

DS, thanks for the enlightening links, but this http://isc1.sans.org/port.html?port=161 means absolutely nothing to me :smileyindifferent:

 


DS wrote:

:smileysad:Correct me IF I'm wrong but SNMP is a monitoring protocol and has nothing whatsoever to do with gaming...

 


 

I think you're right there. From one of your links re UDP Port 161:

Port Description: SNMP Agent. Used to connect with and configure or request data from a running snmp agent on a network host. Security Concerns: Many!. – Default community strings: \public\. – Cleartext data exchanges (inluding auth with string). – Not hard to trick agent into revealing its string & manager IP. – To access agent’s data or reconfig it, only need string and source IP of snmp manager (then spoof manager).

 

Are there any tecchy people out there who can explain what a worst-case scenario might be if a malicious hacker gained access to my router? Could code be inserted in the HH3 that might carry out data interception, Deep Packet Inspection? Could access be gained to computer systems that are part of a LAN?

 

@ chromedome, who told you that that "port 161 is open to make the BT Home Hub better for the gaming environment and to make the transmission faster, as the port 161 related to SNMP protocol and it makes the transmission faster."?

 

That is seriously misleading is it not? Or downright untruthful? I am sure BT will set the matter straight, because they have said many times that they take privacy very seriously indeed; this looks like a serious security vulnerability, and customers need some straight answers, with no half-truths or obfuscation, to know how to block this.

Distinguished Guru
DS
Posts: 7,684
Registered: ‎27-01-2010
0

Re: port 161 open on home hub 3

@ Craig. As always, on the case:smileywink:

(You may need a triple extending ladder, to climb out of the big hole that you might be digging:smileysad:)

 

@Flo. Currently I'm using the V2 type b. ShieldsUp gives me a very clean bill of health:smileyhappy:, port 161 is closed, I wonder what it could flag on the V3...:smileyindifferent:

(I was going to mention DPI last night/early this morning, but I decided not to, so NoDPI from me:smileyhappy:)

 

Techy wise, I'm sure Craig'll get the full story (He's very good at his job:smileyhappy:), maybe even advise those that may wish to close this port down.............Permanently

-+-No longer a forum member-+-
Contributor
westendboy
Posts: 49
Registered: ‎23-02-2011

Re: port 161 open on home hub 3

[ Edited ]

This was news to me.:smileysad: No Steve wouldn`t like it.

 

shieldsup.JPG