Bugtraq mailing list archives

Re: SMC Routers have remote administration enabled by default

From: user86 <user86 () earthlink net>
Date: Thu, 29 Apr 2004 01:37:43 -0400

On Thursday 29 April 2004 01:10, user86 wrote:

On Wednesday 28 April 2004 12:55, user86 wrote:

There are two workarounds:
1.  Enable the router's firewall in its "Advanced Setup"

2.  Forward port 1900 of the router to a non-existent internal IP address
(such as 192.168.2.248 if it isn't in use).


A third workaround on the 7008ABR with firmware 1.032 is to go into the
router's "Advanced Setup" click "System" then "Remote Management" and click
"Apply" (even without changing any setting) and port 1900 then closes
itself.


Ugh!  Scratch that third workaround!  I just found out that that third 
workaround only works as long as the router stays up.  If the router is 
rebooted for *any* reason, such as during a power outage or by the user 
through the web interface, port 1900 is open again when the router boots back 
up!

Current thread:

SMC Routers have remote administration enabled by default user86 (Apr 28)
- Re: SMC Routers have remote administration enabled by default user86 (Apr 29)
  - Re: SMC Routers have remote administration enabled by default user86 (Apr 29)
- Re: SMC Routers have remote administration enabled by default Michael Curtis (Apr 29)
- Re: SMC Routers have remote administration enabled by default Martin Nedbal (Apr 30)