Solved

FVS 338 Prosafe Router is showing its administrative console on an external IP address

Posted on 2011-03-18
6
565 Views
Last Modified: 2012-05-11
I am working on blocking up some holes in the security on my network and there was an IIS server running which was not up to date and not actually being used.  I disabled the IIS services and changed the port forwarding on my Prosafe FVS338 router to stop forwarding port 80 to the server.

Subsequently, I ran port scans on my external address and it still reported that port 80 was open.  I manually accessed my external address via a web browser and low and behold, my Netgear router has decided to start displaying the administrative console to the outside world.  In my opinion, a big security risk, and I need to get it to stop asap!  Of course, Netgear sent me around in circles and then asked for a bunch of money just to think about solving my problem.

Again, the router is a Netgear Prosafe FVS338.  

The only settings in the admin console that I can find that seem to indicate turning this ability on or off, are the remote management settings in administration.  There are options to allow Telnet Management and Allow Secure HTTP Management.  Neither of these abilities are enabled.

I quite feel like my rear is hanging in the wind right now so any help would be greatly appreciated.

Oh, on a last note, I set a firewall rule to block all requests for port 80 but it apparently doesn't monitor itself...
0
Comment
Question by:mcvay178
  • 3
  • 3
6 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 35169434
The remote management settings should do it.
(?)
So the first thing I would ask then is: do you have the most recent firmware version (just to make sure)?
0
 
LVL 1

Author Comment

by:mcvay178
ID: 35208432
Turns out I am actually one revision back.  I looked at the change log for the new revision and it doesn't mention any of the remote management options not working but that's not to say that was just left out.  I am waiting for a break in the work week to get the firmware updated to prevent any downtime.  In the interim, I instructed the router to forward port 80 to a ghost IP address and it seems to have blocked up the security issue.  I still need a permanent solution though.

Will post back when something new shows up.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35213335
I'll be here :)
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Author Comment

by:mcvay178
ID: 35234862
It is looking like after the firmware update, the remote management console has begun to work.  I am unsure if it was a bad install or an actual problem with the revision of firmware since I would be really suprised if a major portion of the firmware didn't work after so many updated versions.

Oh well, in any case I'm back up and running.  Thanks for the somewhat obvious lead in to the firmware ;p
0
 
LVL 1

Author Closing Comment

by:mcvay178
ID: 35234869
Should have checked firmware to begin with!  Easy fix I suppose.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35235788
Sometimes the best solutions are the simplest ;)
Thx for the points.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now