• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 584
  • Last Modified:

FVS 338 Prosafe Router is showing its administrative console on an external IP address

I am working on blocking up some holes in the security on my network and there was an IIS server running which was not up to date and not actually being used.  I disabled the IIS services and changed the port forwarding on my Prosafe FVS338 router to stop forwarding port 80 to the server.

Subsequently, I ran port scans on my external address and it still reported that port 80 was open.  I manually accessed my external address via a web browser and low and behold, my Netgear router has decided to start displaying the administrative console to the outside world.  In my opinion, a big security risk, and I need to get it to stop asap!  Of course, Netgear sent me around in circles and then asked for a bunch of money just to think about solving my problem.

Again, the router is a Netgear Prosafe FVS338.  

The only settings in the admin console that I can find that seem to indicate turning this ability on or off, are the remote management settings in administration.  There are options to allow Telnet Management and Allow Secure HTTP Management.  Neither of these abilities are enabled.

I quite feel like my rear is hanging in the wind right now so any help would be greatly appreciated.

Oh, on a last note, I set a firewall rule to block all requests for port 80 but it apparently doesn't monitor itself...
0
mcvay178
Asked:
mcvay178
  • 3
  • 3
1 Solution
 
Ernie BeekExpertCommented:
The remote management settings should do it.
(?)
So the first thing I would ask then is: do you have the most recent firmware version (just to make sure)?
0
 
mcvay178Author Commented:
Turns out I am actually one revision back.  I looked at the change log for the new revision and it doesn't mention any of the remote management options not working but that's not to say that was just left out.  I am waiting for a break in the work week to get the firmware updated to prevent any downtime.  In the interim, I instructed the router to forward port 80 to a ghost IP address and it seems to have blocked up the security issue.  I still need a permanent solution though.

Will post back when something new shows up.
0
 
Ernie BeekExpertCommented:
I'll be here :)
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
mcvay178Author Commented:
It is looking like after the firmware update, the remote management console has begun to work.  I am unsure if it was a bad install or an actual problem with the revision of firmware since I would be really suprised if a major portion of the firmware didn't work after so many updated versions.

Oh well, in any case I'm back up and running.  Thanks for the somewhat obvious lead in to the firmware ;p
0
 
mcvay178Author Commented:
Should have checked firmware to begin with!  Easy fix I suppose.
0
 
Ernie BeekExpertCommented:
Sometimes the best solutions are the simplest ;)
Thx for the points.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now