Re: ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password

[David Smith <smithd () blkbox com>]

At 9:23 PM +0200 8/11/01, Daniel Roethlisberger wrote:
> As of firmware 2.50(AJ.4) for the 642R, released in July, there
> seems to be a filter rule active in default configuration, which
> blocks incoming ports 21/tcp, 23/tcp, 80/tcp (why http?!) and
> 69/udp on the WAN side.
>
> There seems to be no stable fixed firmware release for the 642R-I
> yet, but the latest beta might be fixed. Unfortunately it comes
> without release notes for some reason, which would have told what
> its default settings are.
>
> The firmware releases I stated in my original posting were -not-
> accurate. With my current knowledge, I would say that no firmware
> older than July is fixed; but latest (beta) firmware releases
> should have the filters, if the configuration rom-file is applied
> too when updating the firmware (which will trash the current
> configuration). However, it seems that latest available firmware
> releases differ considerably between countries and ZyXEL
> distributors, and I can not be certain that the default
> configurations are the same worldwide, as some distributors seem
> to customly configure the Prestiges for ISP's who resell them.

The NETGEAR RT314 router, which I belive is an OEM version of this, 
has the blocking in place correctly in both the 3.2.4 (11/2000)and 
3.2.5 (3/2001) firmware.

Note in my upgrade it does not look like it will reset the filters if 
you have manually changed them, you would have to reset the settings 
in the router to get the default set back if you have disabled or 
modified it.
--
--------------
David A. Smith
<smithd () blkbox com>
The box said: "Needs Windows 98 or better," so I bought a Macintosh.