Discussion:
Verizon got a backdoor?
(too old to reply)
Raoul Watson
2011-03-30 03:08:48 UTC
Permalink
Called Verizon this morning with some Widget issues (yes, I finally got
FiOS!!) They worked a while and couldn't fix it so I left for work.

When I came home, I found my ActionTek router completely reset. The SSID
has changed and it is completely open 9evident when 192.168.1.1 is
brought forth, the user "admin" was there with no password.

So here is my concern now.. if they can just "zap" my router and put it
back into factory condition without physically pressing an onboard
factory reset button, that means there is a backdoor somewhere.

WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
Robert Riches
2011-03-30 03:50:13 UTC
Permalink
Post by Raoul Watson
Called Verizon this morning with some Widget issues (yes, I finally got
FiOS!!) They worked a while and couldn't fix it so I left for work.
When I came home, I found my ActionTek router completely reset. The SSID
has changed and it is completely open 9evident when 192.168.1.1 is
brought forth, the user "admin" was there with no password.
So here is my concern now.. if they can just "zap" my router and put it
back into factory condition without physically pressing an onboard
factory reset button, that means there is a backdoor somewhere.
WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
Yes, Verizon does have a back door into the routers they supply
to you. An alternative to replacing the Verizon-supplied router
is to put a second router in series with it. The router Verizon
supplied to you protects them from you and might protect you from
someone except Verizon. The router you supply protects you from
Verizon and every one else. I didn't have a coax connection, but
I had two routers in series until the ActionWreck Verizon had
supplied to me died.
--
Robert Riches
***@jacob21819.net
(Yes, that is one of my email addresses.)
Raoul Watson
2011-03-31 02:45:36 UTC
Permalink
Post by Robert Riches
Post by Raoul Watson
Called Verizon this morning with some Widget issues (yes, I finally got
FiOS!!) They worked a while and couldn't fix it so I left for work.
When I came home, I found my ActionTek router completely reset. The SSID
has changed and it is completely open 9evident when 192.168.1.1 is
brought forth, the user "admin" was there with no password.
So here is my concern now.. if they can just "zap" my router and put it
back into factory condition without physically pressing an onboard
factory reset button, that means there is a backdoor somewhere.
WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
Yes, Verizon does have a back door into the routers they supply
to you. An alternative to replacing the Verizon-supplied router
is to put a second router in series with it. The router Verizon
supplied to you protects them from you and might protect you from
someone except Verizon. The router you supply protects you from
Verizon and every one else. I didn't have a coax connection, but
I had two routers in series until the ActionWreck Verizon had
supplied to me died.
LOL.. I like that.. protect them from me and protect me from them :-)
Gordon
2011-03-30 05:30:07 UTC
Permalink
Post by Raoul Watson
Called Verizon this morning with some Widget issues (yes, I finally got
FiOS!!) They worked a while and couldn't fix it so I left for work.
When I came home, I found my ActionTek router completely reset. The SSID
has changed and it is completely open 9evident when 192.168.1.1 is
brought forth, the user "admin" was there with no password.
So here is my concern now.. if they can just "zap" my router and put it
back into factory condition without physically pressing an onboard
factory reset button, that means there is a backdoor somewhere.
WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
Warning; there are two types of coax internet connections.
fios uses a standard called MOCA (Media over Coax), most
CATV systems use a standard called DOCSIS (Data Over Cable
[something] Interface Standard). If you are planning to get
your own modem, make sure you get the right one.
David H. Lipman
2011-03-30 10:20:24 UTC
Permalink
From: "Raoul Watson" <***@IntelligenCIA.com>

| Called Verizon this morning with some Widget issues (yes, I finally got
| FiOS!!) They worked a while and couldn't fix it so I left for work.

| When I came home, I found my ActionTek router completely reset. The SSID
| has changed and it is completely open 9evident when 192.168.1.1 is
| brought forth, the user "admin" was there with no password.

| So here is my concern now.. if they can just "zap" my router and put it
| back into factory condition without physically pressing an onboard
| factory reset button, that means there is a backdoor somewhere.

| WTF? Do I need to replace my Actiontek (if so, anyone got a
| recommendation for a unit with coax connectivity)?

It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Oppie
2011-03-30 19:05:13 UTC
Permalink
Post by David H. Lipman
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
Good advice Dave.
If you block port 4567, do you have to check for updates to the router
manually? Vz normally pushes updates. In normal operation, it's automatic
and transparent.
David H. Lipman
2011-03-30 20:53:24 UTC
Permalink
Post by David H. Lipman
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
| Good advice Dave.
| If you block port 4567, do you have to check for updates to the router
| manually? Vz normally pushes updates. In normal operation, it's automatic
| and transparent.


Yes. You have to pull the via the Routers auto-upgrade methodology or download them to
disk and then upgrade via the disk file.

http://my.verizon.com/micro/fiosrouters/
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Martin Riddle
2011-03-30 22:55:58 UTC
Permalink
Post by David H. Lipman
Post by David H. Lipman
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to
manage
the Router.
Block it.
I have and I have never had my configuration changed or altered from
my
choice settings.
| Good advice Dave.
| If you block port 4567, do you have to check for updates to the router
| manually? Vz normally pushes updates. In normal operation, it's automatic
| and transparent.
Yes. You have to pull the via the Routers auto-upgrade methodology or download them to
disk and then upgrade via the disk file.
http://my.verizon.com/micro/fiosrouters/
I am not convinced that blocking 4567 will keep them out. ItÂ’s a service
port and its under their control.
Common with other carriers too. It would be easy for them to change the
firmware firewall to ignore the block.

Cheers
Geoff
2011-03-30 23:23:40 UTC
Permalink
When I first got FiOS they were distributing D-Link 604 routers with
it. Never had them upgrade the firmware via any backdoors, never had
trouble with the router or had to reboot for mysterious reasons. KOW.

I suppose Verizon needs the back doors for the typical home user that
doesn't know how to reset it or configure it or upgrade it but if you
are sophisticated enough to be security-aware and willing to become
your own tech support then closing back doors will supercede letting
Verizon manage it for you. I now see about a dozen Westells on my
wireless, all locked down and all random SSID's in my neighborhood.
Raoul Watson
2011-03-31 02:44:28 UTC
Permalink
Post by Oppie
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to
manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
Good advice Dave.
If you block port 4567, do you have to check for updates to the router
manually? Vz normally pushes updates. In normal operation, it's
automatic and transparent.
I have a very strange habit of never allowing an upgrade until I
completely understand what it does. And then waiting for the next
version unless is a vulnerability fix. For years I kept my Cisco routers
and switches using the OS that came originally. If it ain't broke, don't
fix it. What is a firmware upgrade gonna do? Most of the time, you'll
find out that it breaks other things.

Unless it is a critical security upgrade.. it's not going to make it
faster so why bother..

I like Dave's idea of downloading it manually.. I guess I am just a
control freak. For someone to be able to upgrade my firmware, reset the
SSID without me knowing is just not acceptable.
David H. Lipman
2011-03-31 10:22:44 UTC
Permalink
Post by Oppie
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to
manage the Router.
Block it.
I have and I have never had my configuration changed or altered from
my choice settings.
Good advice Dave.
If you block port 4567, do you have to check for updates to the router
manually? Vz normally pushes updates. In normal operation, it's
automatic and transparent.
| I have a very strange habit of never allowing an upgrade until I
| completely understand what it does. And then waiting for the next
| version unless is a vulnerability fix. For years I kept my Cisco routers
| and switches using the OS that came originally. If it ain't broke, don't
| fix it. What is a firmware upgrade gonna do? Most of the time, you'll
| find out that it breaks other things.

| Unless it is a critical security upgrade.. it's not going to make it
| faster so why bother..

| I like Dave's idea of downloading it manually.. I guess I am just a
| control freak. For someone to be able to upgrade my firmware, reset the
| SSID without me knowing is just not acceptable.

Likewise !
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Raoul Watson
2011-03-31 02:37:29 UTC
Permalink
Post by David H. Lipman
| Called Verizon this morning with some Widget issues (yes, I finally got
| FiOS!!) They worked a while and couldn't fix it so I left for work.
| When I came home, I found my ActionTek router completely reset. The SSID
| has changed and it is completely open 9evident when 192.168.1.1 is
| brought forth, the user "admin" was there with no password.
| So here is my concern now.. if they can just "zap" my router and put it
| back into factory condition without physically pressing an onboard
| factory reset button, that means there is a backdoor somewhere.
| WTF? Do I need to replace my Actiontek (if so, anyone got a
| recommendation for a unit with coax connectivity)?
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
Ooohh.. I like that very much. Thank you Dave!!! Shalom.
David H. Lipman
2011-03-31 10:24:46 UTC
Permalink
Post by David H. Lipman
| Called Verizon this morning with some Widget issues (yes, I finally got
| FiOS!!) They worked a while and couldn't fix it so I left for work.
| When I came home, I found my ActionTek router completely reset. The SSID
| has changed and it is completely open 9evident when 192.168.1.1 is
| brought forth, the user "admin" was there with no password.
| So here is my concern now.. if they can just "zap" my router and put it
| back into factory condition without physically pressing an onboard
| factory reset button, that means there is a backdoor somewhere.
| WTF? Do I need to replace my Actiontek (if so, anyone got a
| recommendation for a unit with coax connectivity)?
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice settings.
| Ooohh.. I like that very much. Thank you Dave!!! Shalom.

:-)
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Raoul Watson
2011-04-02 23:07:11 UTC
Permalink
Post by David H. Lipman
Post by David H. Lipman
| Called Verizon this morning with some Widget issues (yes, I finally got
| FiOS!!) They worked a while and couldn't fix it so I left for work.
| When I came home, I found my ActionTek router completely reset. The SSID
| has changed and it is completely open 9evident when 192.168.1.1 is
| brought forth, the user "admin" was there with no password.
| So here is my concern now.. if they can just "zap" my router and put it
| back into factory condition without physically pressing an onboard
| factory reset button, that means there is a backdoor somewhere.
| WTF? Do I need to replace my Actiontek (if so, anyone got a
| recommendation for a unit with coax connectivity)?
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice
settings.
| Ooohh.. I like that very much. Thank you Dave!!! Shalom.
:-)
I am not used to the ActionTec firewall. Looking for setting and/or
filter to block the data to a certain incoming port but can't find it. I
am sure it's there. can someone save me an hour of digging? Thanks!
Bit Twister
2011-04-02 23:19:47 UTC
Permalink
Post by Raoul Watson
I am not used to the ActionTec firewall. Looking for setting and/or
filter to block the data to a certain incoming port but can't find it. I
am sure it's there. can someone save me an hour of digging? Thanks!
You know, it always helps to provide make/model number when asking
for help.

You might look under Advanced Filtering at http://fiberfaq.com/file.php?id=9
while waiting for additional help.
Raoul Watson
2011-04-03 12:50:16 UTC
Permalink
Post by Bit Twister
Post by Raoul Watson
I am not used to the ActionTec firewall. Looking for setting and/or
filter to block the data to a certain incoming port but can't find it. I
am sure it's there. can someone save me an hour of digging? Thanks!
You know, it always helps to provide make/model number when asking
for help.
You might look under Advanced Filtering at http://fiberfaq.com/file.php?id=9
while waiting for additional help.
Duh.. my bad, I thought I mentioned MI424WR in the original post. I
assumed the currently issued router by Verizon is the same but I guess
some customers were issued different models and brands. Thank for the
user guide referrence.
David H. Lipman
2011-04-03 14:06:56 UTC
Permalink
From: "Raoul Watson" <***@IntelligenCIA.com>

| I am not used to the ActionTec firewall. Looking for setting and/or
| filter to block the data to a certain incoming port but can't find it. I
| am sure it's there. can someone save me an hour of digging? Thanks!

Firewall settings --> yes --> advancing filtering
Find your WAN intereface
Click on the icon that represents "edit"
Under pull-down "Add"
Choose "User defined"

The objective is to "drop" TCP 4567
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Raoul Watson
2011-04-04 01:15:57 UTC
Permalink
Post by David H. Lipman
| I am not used to the ActionTec firewall. Looking for setting and/or
| filter to block the data to a certain incoming port but can't find it. I
| am sure it's there. can someone save me an hour of digging? Thanks!
Firewall settings --> yes --> advancing filtering
Find your WAN intereface
Click on the icon that represents "edit"
Under pull-down "Add"
Choose "User defined"
The objective is to "drop" TCP 4567
Thanks.. I feel really stupid after 20 years of managing firewall I can'
find what I am looking for. Under advanced filtering I get a blank page
withe headers of rule ID, Source Address, and Destination address for
several sections (Network rules, Ethernet Rules, Broadband connection,
Coax rules, and WAP rules. if I add a rule under Broadband Connection,
under destination I can only add a rule to a "network object" which of
course does not have target port available (only IP, subnet, address
range, MAC address, Host name, and DHCP option). Does the firewall
security has to be changed to "high" to be able to find what you are
talking about?

What I did find under Advanced (not under fire wall) is implemented port
forwarding rules.I suppose I can play in there but not sure if it will
be effective.
David H. Lipman
2011-04-04 02:09:46 UTC
Permalink
Post by David H. Lipman
| I am not used to the ActionTec firewall. Looking for setting and/or
| filter to block the data to a certain incoming port but can't find it. I
| am sure it's there. can someone save me an hour of digging? Thanks!
Firewall settings --> yes --> advancing filtering
Find your WAN intereface
Click on the icon that represents "edit"
Under pull-down "Add"
Choose "User defined"
The objective is to "drop" TCP 4567
| Thanks.. I feel really stupid after 20 years of managing firewall I can'
| find what I am looking for. Under advanced filtering I get a blank page
| withe headers of rule ID, Source Address, and Destination address for
| several sections (Network rules, Ethernet Rules, Broadband connection,
| Coax rules, and WAP rules. if I add a rule under Broadband Connection,
| under destination I can only add a rule to a "network object" which of
| course does not have target port available (only IP, subnet, address
| range, MAC address, Host name, and DHCP option). Does the firewall
| security has to be changed to "high" to be able to find what you are
| talking about?
|
| What I did find under Advanced (not under fire wall) is implemented port
| forwarding rules.I suppose I can play in there but not sure if it will
| be effective.

No. You do NOT want "port forwarding rules".
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
David H. Lipman
2011-04-04 02:31:42 UTC
Permalink
Post by David H. Lipman
| I am not used to the ActionTec firewall. Looking for setting and/or
| filter to block the data to a certain incoming port but can't find it. I
| am sure it's there. can someone save me an hour of digging? Thanks!
Firewall settings --> yes --> advancing filtering
Find your WAN intereface
Click on the icon that represents "edit"
Under pull-down "Add"
Choose "User defined"
The objective is to "drop" TCP 4567
| Thanks.. I feel really stupid after 20 years of managing firewall I can'
| find what I am looking for. Under advanced filtering I get a blank page
| withe headers of rule ID, Source Address, and Destination address for
| several sections (Network rules, Ethernet Rules, Broadband connection,
| Coax rules, and WAP rules. if I add a rule under Broadband Connection,
| under destination I can only add a rule to a "network object" which of
| course does not have target port available (only IP, subnet, address
| range, MAC address, Host name, and DHCP option). Does the firewall
| security has to be changed to "high" to be able to find what you are
| talking about?
|
| What I did find under Advanced (not under fire wall) is implemented port
| forwarding rules.I suppose I can play in there but not sure if it will
| be effective.

We'll try this agian...

Firewall settings --> yes --> advancing filtering
Find your WAN interface
Click on the red "Add" Change "Protocol" drop down from "Any" to "User Defined"
Click on the red "Add Server Ports"
Protocol: "TCP"
Destination Ports: "Single"
Enter; 4567
Apply
Apply
Apply
Apply

See; "Verizon FiOS ActionTec block TCP 4567"
posted in; comp.binaries

NOTE: In IMAGE1.JPG, I modified my tables and redefined the names of some interfaces
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Han
2011-04-04 10:23:12 UTC
Permalink
Post by David H. Lipman
Firewall settings --> yes --> advancing filtering
Find your WAN interface
There is WAN PPOE rules ??
Post by David H. Lipman
Click on the red "Add" Change "Protocol" drop down from "Any" to "User Defined"
There is specify protocol, but I got no further than that.
Post by David H. Lipman
Click on the red "Add Server Ports"
Protocol: "TCP"
Destination Ports: "Single"
Enter; 4567
Apply
Apply
Apply
Apply
See; "Verizon FiOS ActionTec block TCP 4567"
posted in; comp.binaries
?? comp.binaries (just that) isn't on Astraweb
Post by David H. Lipman
NOTE: In IMAGE1.JPG, I modified my tables and redefined the names of some interfaces
Sorry ...
--
Best regards
Han
email address is invalid
David H. Lipman
2011-04-04 10:38:25 UTC
Permalink
From: "Han" <***@nospam.not>

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in
| news:***@news1.newsguy.com:
|
Post by David H. Lipman
Firewall settings --> yes --> advancing filtering
Find your WAN interface
|
| There is WAN PPOE rules ??
|
Post by David H. Lipman
Click on the red "Add" Change "Protocol" drop down from "Any" to "User Defined"
|
| There is specify protocol, but I got no further than that.
|
Post by David H. Lipman
Click on the red "Add Server Ports"
Protocol: "TCP"
Destination Ports: "Single"
Enter; 4567
Apply
Apply
Apply
Apply
See; "Verizon FiOS ActionTec block TCP 4567"
posted in; comp.binaries
|
| ?? comp.binaries (just that) isn't on Astraweb
Post by David H. Lipman
NOTE: In IMAGE1.JPG, I modified my tables and redefined the names of some interfaces
|
| Sorry ...
|

Name another binaries group.
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Han
2011-04-04 10:42:03 UTC
Permalink
Post by David H. Lipman
Name another binaries group.
I look at alt.binaries.pictures.woodworking

Thanks!
--
Best regards
Han
email address is invalid
David H. Lipman
2011-04-04 10:49:47 UTC
Permalink
From: "Han" <***@nospam.not>

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in news:
| ***@giganews.com:
|
Post by David H. Lipman
Name another binaries group.
| I look at alt.binaries.pictures.woodworking
|
| Thanks!
|

It would be OT there :-(
but... I'll post there.

When I get home from work, we can discuss there with pictures.
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Han
2011-04-04 10:55:34 UTC
Permalink
Post by David H. Lipman
|
Post by David H. Lipman
Name another binaries group.
| I look at alt.binaries.pictures.woodworking
|
| Thanks!
|
It would be OT there :-(
but... I'll post there.
When I get home from work, we can discuss there with pictures.
Not as OT as you think. Those woodworkers do use computers something
fantastic. Do you know Google Sketchup?
--
Best regards
Han
email address is invalid
David H. Lipman
2011-04-04 21:04:36 UTC
Permalink
From: "Han" <***@nospam.not>

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in news:inc7oe0uh4
| @news4.newsguy.com:
|
Post by David H. Lipman
|
Post by David H. Lipman
Name another binaries group.
| I look at alt.binaries.pictures.woodworking
|
| Thanks!
|
It would be OT there :-(
but... I'll post there.
When I get home from work, we can discuss there with pictures.
|
| Not as OT as you think. Those woodworkers do use computers something
| fantastic. Do you know Google Sketchup?
|

I will ONLY use the Google search engine on a web page. I will *NEVER* use any Google
product.
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Raoul Watson
2011-04-05 04:26:35 UTC
Permalink
< snip >>>
| I look at alt.binaries.pictures.woodworking
|
Admittingly that is a cool site. For some reason I can't get it now
under eternal september
Han
2011-04-05 11:55:42 UTC
Permalink
Post by Raoul Watson
< snip >>>
| I look at alt.binaries.pictures.woodworking
|
Admittingly that is a cool site. For some reason I can't get it now
under eternal september
eternal september is text only.
I'm stil on my first $10 subscription to Astraweb. Paid for 25 GB
downloads in 2008, and still have 24.1 GB to go.
I don't do much binaries, I guess ...
--
Best regards
Han
email address is invalid
David H. Lipman
2011-04-05 20:00:08 UTC
Permalink
From: "Han" <***@nospam.not>

| Raoul Watson <***@IntelligenCIA.com> wrote in news:ine5gg$aqt$***@dont-
| email.me:
|
Post by Raoul Watson
< snip >>>
| I look at alt.binaries.pictures.woodworking
|
Admittingly that is a cool site. For some reason I can't get it now
under eternal september
|
| eternal september is text only.
| I'm stil on my first $10 subscription to Astraweb. Paid for 25 GB
| downloads in 2008, and still have 24.1 GB to go.
| I don't do much binaries, I guess ...
|

LOL no.

I do *lots* of binaries. They are chuck full of; CodeSoft data stealers, Bifrost,
CyberGate RATS and all sorts of vermon.
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Han
2011-04-05 21:02:25 UTC
Permalink
Post by David H. Lipman
LOL no.
I do *lots* of binaries. They are chuck full of; CodeSoft data
stealers, Bifrost, CyberGate RATS and all sorts of vermon.
I think you should pay more attention to the thieves who stole all those
email addresses at Epsilon <grin>.
--
Best regards
Han
email address is invalid
Raoul Watson
2011-04-05 04:23:34 UTC
Permalink
... <snip> > |
Post by David H. Lipman
Destination Ports: "Single"
Wow.. would have never found that one.. Thanks
Post by David H. Lipman
NOTE: In IMAGE1.JPG, I modified my tables and redefined the names of some interfaces
Without the picture. I think I am ok now..
David H. Lipman
2011-04-05 10:28:28 UTC
Permalink
... <snip> > |
Post by David H. Lipman
Destination Ports: "Single"
|
| Wow.. would have never found that one.. Thanks
|
Post by David H. Lipman
NOTE: In IMAGE1.JPG, I modified my tables and redefined the names of some interfaces
|
| Without the picture. I think I am ok now..

Excellent !
--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp
Golden California Girls
2011-04-03 14:52:22 UTC
Permalink
Post by David H. Lipman
Post by David H. Lipman
| Called Verizon this morning with some Widget issues (yes, I finally got
| FiOS!!) They worked a while and couldn't fix it so I left for work.
| When I came home, I found my ActionTek router completely reset. The SSID
| has changed and it is completely open 9evident when 192.168.1.1 is
| brought forth, the user "admin" was there with no password.
| So here is my concern now.. if they can just "zap" my router and put it
| back into factory condition without physically pressing an onboard
| factory reset button, that means there is a backdoor somewhere.
| WTF? Do I need to replace my Actiontek (if so, anyone got a
| recommendation for a unit with coax connectivity)?
It has a complete FireWall. Use it. Verizon uses TCP port 4567 to
manage the Router.
Block it.
I have and I have never had my configuration changed or altered from my choice
settings.
| Ooohh.. I like that very much. Thank you Dave!!! Shalom.
:-)
I am not used to the ActionTec firewall. Looking for setting and/or filter
to block the data to a certain incoming port but can't find it. I am sure
it's there. can someone save me an hour of digging? Thanks!
Don't think it is there with the verizon software. Only the specific ports
they thought were important can be blocked. One very good reason to get
your own firewall.

You could just route traffic on that port to an IP that doesn't exist on
your wan.
Topo Gigio
2011-04-10 09:58:32 UTC
Permalink
Post by Raoul Watson
WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
I recommend you eat poop and die.
Raoul Watson
2011-04-14 03:05:09 UTC
Permalink
Post by Topo Gigio
Post by Raoul Watson
WTF? Do I need to replace my Actiontek (if so, anyone got a
recommendation for a unit with coax connectivity)?
I recommend you eat poop and die.
Oh I just feel the love :-)You're not in a good mood I take it Earl?
Loading...