[TriLUG] open ports on Uverse 2wire gateway -- revisited
James Jones
jc.jones at tuftux.com
Mon Feb 3 23:20:53 EST 2014
I'm BACK!
Finally got Uverse to send a tech out with the final result -- changed
out the Gateway with a slightly different model. For about one minute,
the open ports were stealth, until Uverse did an "update" to the box.
Then all the open ports were back again.
my nmap scan resulted in this:
PORT STATE SERVICE VERSION
21/tcp filtered ftp
22/tcp filtered ssh
23/tcp filtered telnet
80/tcp filtered http
443/tcp filtered https
49152/tcp open unknown
61001/tcp open ssl/unknown
49152 and 61001 are the problem ports. I realize that this may be
ports used by Uverse, but Security Metrics say that a vulnerability
exists on 61001.
nmap says also: 2 services unrecognized despite returning data. If you
know the service/version, please submit the following fingerprints at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
The two ports that services are talking about are 49152 and 61001.
I suspect that security metrics would pass the account if the two open
ports were patched to cover the vulnerabilities that Security Metrics
see.
By the way, My home Uverse box has the same open ports as this
business account has.
Uverse has, so far, not recognized the open port problem that can
allow a "man in the middle" instance.
I plan another session with Uverse tomorrow.
jcj
--
Jc Jones
Blogs -
http://www.wendellgeek.com/weblog/
http://www.wendellgeek.com/kixtech/
More information about the TriLUG
mailing list