FVS 338 Prosafe Router is showing its administrative console on an external IP address

Posted on 2011-03-18
Last Modified: 2012-05-11
I am working on blocking up some holes in the security on my network and there was an IIS server running which was not up to date and not actually being used.  I disabled the IIS services and changed the port forwarding on my Prosafe FVS338 router to stop forwarding port 80 to the server.

Subsequently, I ran port scans on my external address and it still reported that port 80 was open.  I manually accessed my external address via a web browser and low and behold, my Netgear router has decided to start displaying the administrative console to the outside world.  In my opinion, a big security risk, and I need to get it to stop asap!  Of course, Netgear sent me around in circles and then asked for a bunch of money just to think about solving my problem.

Again, the router is a Netgear Prosafe FVS338.  

The only settings in the admin console that I can find that seem to indicate turning this ability on or off, are the remote management settings in administration.  There are options to allow Telnet Management and Allow Secure HTTP Management.  Neither of these abilities are enabled.

I quite feel like my rear is hanging in the wind right now so any help would be greatly appreciated.

Oh, on a last note, I set a firewall rule to block all requests for port 80 but it apparently doesn't monitor itself...
Question by:mcvay178
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 35

Accepted Solution

Ernie Beek earned 500 total points
ID: 35169434
The remote management settings should do it.
So the first thing I would ask then is: do you have the most recent firmware version (just to make sure)?

Author Comment

ID: 35208432
Turns out I am actually one revision back.  I looked at the change log for the new revision and it doesn't mention any of the remote management options not working but that's not to say that was just left out.  I am waiting for a break in the work week to get the firmware updated to prevent any downtime.  In the interim, I instructed the router to forward port 80 to a ghost IP address and it seems to have blocked up the security issue.  I still need a permanent solution though.

Will post back when something new shows up.
LVL 35

Expert Comment

by:Ernie Beek
ID: 35213335
I'll be here :)
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 35234862
It is looking like after the firmware update, the remote management console has begun to work.  I am unsure if it was a bad install or an actual problem with the revision of firmware since I would be really suprised if a major portion of the firmware didn't work after so many updated versions.

Oh well, in any case I'm back up and running.  Thanks for the somewhat obvious lead in to the firmware ;p

Author Closing Comment

ID: 35234869
Should have checked firmware to begin with!  Easy fix I suppose.
LVL 35

Expert Comment

by:Ernie Beek
ID: 35235788
Sometimes the best solutions are the simplest ;)
Thx for the points.

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Tracert fails final hop at some client offices 3 47
Multi Factor Authentication for MSPs 4 37
Netgear Router 5 G 11 49
wifi security 11 45
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question