Solved

FVS 338 Prosafe Router is showing its administrative console on an external IP address

Posted on 2011-03-18
6
570 Views
Last Modified: 2012-05-11
I am working on blocking up some holes in the security on my network and there was an IIS server running which was not up to date and not actually being used.  I disabled the IIS services and changed the port forwarding on my Prosafe FVS338 router to stop forwarding port 80 to the server.

Subsequently, I ran port scans on my external address and it still reported that port 80 was open.  I manually accessed my external address via a web browser and low and behold, my Netgear router has decided to start displaying the administrative console to the outside world.  In my opinion, a big security risk, and I need to get it to stop asap!  Of course, Netgear sent me around in circles and then asked for a bunch of money just to think about solving my problem.

Again, the router is a Netgear Prosafe FVS338.  

The only settings in the admin console that I can find that seem to indicate turning this ability on or off, are the remote management settings in administration.  There are options to allow Telnet Management and Allow Secure HTTP Management.  Neither of these abilities are enabled.

I quite feel like my rear is hanging in the wind right now so any help would be greatly appreciated.

Oh, on a last note, I set a firewall rule to block all requests for port 80 but it apparently doesn't monitor itself...
0
Comment
Question by:mcvay178
  • 3
  • 3
6 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 35169434
The remote management settings should do it.
(?)
So the first thing I would ask then is: do you have the most recent firmware version (just to make sure)?
0
 
LVL 1

Author Comment

by:mcvay178
ID: 35208432
Turns out I am actually one revision back.  I looked at the change log for the new revision and it doesn't mention any of the remote management options not working but that's not to say that was just left out.  I am waiting for a break in the work week to get the firmware updated to prevent any downtime.  In the interim, I instructed the router to forward port 80 to a ghost IP address and it seems to have blocked up the security issue.  I still need a permanent solution though.

Will post back when something new shows up.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35213335
I'll be here :)
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 1

Author Comment

by:mcvay178
ID: 35234862
It is looking like after the firmware update, the remote management console has begun to work.  I am unsure if it was a bad install or an actual problem with the revision of firmware since I would be really suprised if a major portion of the firmware didn't work after so many updated versions.

Oh well, in any case I'm back up and running.  Thanks for the somewhat obvious lead in to the firmware ;p
0
 
LVL 1

Author Closing Comment

by:mcvay178
ID: 35234869
Should have checked firmware to begin with!  Easy fix I suppose.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35235788
Sometimes the best solutions are the simplest ;)
Thx for the points.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OnPage: Incident management and secure messaging on your smartphone
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question