Bugtraq mailing list archives
Re: ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password
From: David Smith <smithd () blkbox com>
Date: Sun, 12 Aug 2001 07:47:50 -0400
At 9:23 PM +0200 8/11/01, Daniel Roethlisberger wrote:
As of firmware 2.50(AJ.4) for the 642R, released in July, there seems to be a filter rule active in default configuration, which blocks incoming ports 21/tcp, 23/tcp, 80/tcp (why http?!) and 69/udp on the WAN side. There seems to be no stable fixed firmware release for the 642R-I yet, but the latest beta might be fixed. Unfortunately it comes without release notes for some reason, which would have told what its default settings are. The firmware releases I stated in my original posting were -not- accurate. With my current knowledge, I would say that no firmware older than July is fixed; but latest (beta) firmware releases should have the filters, if the configuration rom-file is applied too when updating the firmware (which will trash the current configuration). However, it seems that latest available firmware releases differ considerably between countries and ZyXEL distributors, and I cannot be certain that the default configurations are the same worldwide, as some distributors seem to custom-configure the Prestiges for ISPs who resell them.
The NETGEAR RT314 router, which I believe is an OEM version of this, has the blocking in place correctly in both the 3.2.4 (11/2000) and 3.2.5 (3/2001) firmware.
Note that in my upgrade it does not look like it will reset the filters if you have manually changed them; you would have to reset the settings in the router to get the default set back if you have disabled or modified it.
--
--------------
David A. Smith <smithd () blkbox com>
The box said: "Needs Windows 98 or better," so I bought a Macintosh.