Reply
Distinguished Guru
DS
Posts: 7,684
Registered: ‎27-01-2010
0

Re: port 161 open on home hub 3

[ Edited ]

Guess that's what could've happened:smileysad:

 

Yet at the time I was on ff3.6.14 or .15 and prior to posting about this, I dumped the lot - CCleaner, BetterPrivacy etc, loaded the exact same sites and couldn't see them being flagged this time.

 

(on ff4 now so I'll never know....or will I?)

-+-No longer a forum member-+-
Contributor
gobbybobby
Posts: 252
Registered: ‎18-05-2010
0

Re: port 161 open on home hub 3

its a shame BT don't take security seriously, novice tech users most at risk.
I am no expert. Correct me when I am wrong. Learning is good!
Beginner
sunshinemole
Posts: 4
Registered: ‎30-06-2011
0

Re: port 161 open on home hub 3

[ Edited ]

CraigS wrote:

...

I have had a look at this and found that BT use port 161 to carry out remote management on the Home Hub and the network.  We manage customer devices so that they and any feature on them do not present any security issue.

...


The implementation of this does raise a few questions, perhaps leading to suggestions for improvement:

 

  • - Why is access allowed globally rather than from specific BT management IPs? 
  • - The hub drops ICMP echo requests (aka PING) in a (misguided IMHO) attempt to hide the router and reduce the discovery surface of the router. Having 161 and other TCP ports open goes some way to negate the 'benefit' of have ICMP echo requests dropped.
  • - Why use port 161? It is already used for SNMP and is an obvious port for a port scanner to hit against.

I don't argue that BT's access isn't legitimate - after all BT must comply with the Data Protection and Computer Misuse Act and other UK laws. Of greatest concern is possible exploit by those wishing to gain access to BT customers' networks.  BT may have used other counter measures but given the track record and the three off the top of my head points above I don't hold high hopes of this. Reverse engineering of the firmware may yield any private keys and other cryptographic information.

 

As a possible safety measure for those of a more paranoid/cautious demenour it seems that forwarding 161 to a local machine (or an address not being used) stops it being available for access to the hub itself. It certainly DNATs the port through the destination IP - it's possible the hub still picks up magic packets and takes connections for itself. To Shields Up the port appears closed using this method so it does improve security a little. Of course, those who are paranoid and tech savvy enough to do this probably wouldn't want to use the HH anyway, so that means that the users who are at risk are the very ones BT is trying to help out.

Expert
infinidim
Posts: 458
Registered: ‎09-03-2010
0

Re: port 161 open on home hub 3

[ Edited ]

I think that you have given a well balance reply here.

I would still want BT Retail moderators to say why they have 161 open and what they are going in the future to do to close it.

I have some contacts within BT so I might raise it with them.

Infinidim
Megadodo Publications
Ursa Minor Beta

If you want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side
If the the reply answers your question then please mark as ’Mark as Accepted Solution’
Aspiring Contributor
clunk1234567
Posts: 18
Registered: ‎26-05-2010
0

Re: port 161 open on home hub 3

[ Edited ]

I am rather surprised at BT's decision to make HH3 visible to the world. Most, if not all, hackers will get to know that all they have to do is scan port 161 throughout the BT address range to locate a victim. Port 161 is a deliberately induced flaw that can only lead to some poor soul having their day ruined by some @*&&£$$ in china getting hold of bank details. Although I'm no hacker I know that once a router responds to my scans I would have no problem having my wicked way with the contents of a hard drive.

 

As this security breach is being commented on more than just a few forums without so much as a whisper from BT I consider BT as being completely cavalier with their duty of care of their customer base.

 

A formal complaint has been logged with BT.  If the results of that complaint does not include a completely stealthed router then my complaint will be taken to the next level

Aspiring Contributor
clunk1234567
Posts: 18
Registered: ‎26-05-2010
0

Re: port 161 open on home hub 3

Just had a call from BT about my connection disconnecting. I had to remind them my complaint was about an open port in my Homehub 3 I guess this means that my complaint is now being dealt wilth.
Community Manager
StephanieG
Posts: 2,841
Registered: ‎27-01-2010

Re: port 161 open on home hub 3

Hello,

BT uses port 161 to carry out remote management on the Home Hub and the network. We manage customer devices so that they and any feature on them do not present any security issue. I'm sorry that I've repeated what was said before but that is the situation. Hope this helps.

Stephanie
BTCare Community Manager

If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post. If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.
Aspiring Contributor
clunk1234567
Posts: 18
Registered: ‎26-05-2010

Re: port 161 open on home hub 3

The problem with all HH3's having the same port open is a hacker now only have to scan the BT address range for one port. Scanning a range of ports and my firewall will pick it up as an attack and block them for a year, scan only one and the firewall might not. The open port is the hackers light in the window. Once they see it the port will have done its job and need not be touched again, not with another 65535 service ports to play with. When that person moves on, whether they succeed or not, that light will bring in the next one, and the next, and so on. It's a problem that is unstoppable without a fully stealthed router.

 

 

Aspiring Contributor
kronckew
Posts: 23
Registered: ‎12-10-2011
0

Re: port 161 open on home hub 3

[ Edited ]

i've recently moved and with bt being the fastest isp at my current address, found myself on BT. after running GRC's tests & seeing port 161 open, found this thread searching on 'bt home hub 3 port 161 open'.

 

after reading the above, i agree bt's reasons for leaving the port open and vulnerable are questionable.

 

i therefor went into the hub manager, went to port forwarding in the advanced settings, added a new supported application, named it snmp, on port 161. went back to the port fwd. config, added a snmp item to fwd to ip 192.168.1.111 (which does not exist on my network), applied it & re-tested with grc. all ports now show as stealthed.

 

just to be safe, i also have a 3rd party firewall (Outpost Security Suite 7.5.1) on my pc, and added a block to port 161 in the system rules for it.

_______________________________________
CAVE CANEM RADIX LECTI ET SEMPER PARATUS

My dog is so lazy, she only chases parked cars
Aspiring Contributor
clunk1234567
Posts: 18
Registered: ‎26-05-2010
0

Re: port 161 open on home hub 3

Thanks for the info, it helped big time. I owe you one. You need to do the same to port 4567, it's open as well.