dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
28
share rss forum feed

guppy_fish
Premium
join:2003-12-09
Lakeland, FL
kudos:3
Reviews:
·Verizon FiOS

1 edit
reply to smrtech

Re: Common Router Security Flaw - You Want to Check This!

This post belongs in the security forums not FIOS

Also that page doesn't work right, it reports my router at IP 10.1.1.1 is responding to UPNP ... lol ( is a non routeable IP and can't be accessed from the WAN )

The details say I'm on a linux server that is at 192.168.0.1 , nothing in my network uses that IP

Complete waste of a test

knarf829

join:2007-06-02
kudos:1

1 edit
Yeah - what does Steve Gibson know about Internet security anyway?

As this is specifically about FiOS routers, it seems appropriate here. The flaw is router specific.


birdfeedr
Premium,MVM
join:2001-08-11
Warwick, RI
kudos:9
reply to guppy_fish
said by guppy_fish:

Also that page doesn't work right, it reports my router at IP 10.1.1.1 is responding to UPNP ... lol ( is a non routeable IP and can't be accessed from the WAN )
The details say I'm on a linux server that is at 192.168.0.1 , nothing in my network uses that IP

Did you click this link, which is an example of exposed UPnP vulnerability result? »www.grc.com/su/UPnP-Exposed.htm

or did you click this link, then click Services/ShieldsUP!, then run the UPnP test? »www.grc.com/intro.htm

The first link displays example results exactly like you reported. Use the second link. Your Actiontec primary router will not show the vulnerability. DD-WRT on my Asus doesn't either.

Also, some broadband system routers using PPPoE present non-routable WAN addresses because they are aggregated further upstream (if I'm using the correct terminology). Does FiOS MDU ONTs using VDSL do this? Maybe.

knarf829

join:2007-06-02
kudos:1
said by birdfeedr:

said by guppy_fish:

Also that page doesn't work right, it reports my router at IP 10.1.1.1 is responding to UPNP ... lol ( is a non routeable IP and can't be accessed from the WAN )
The details say I'm on a linux server that is at 192.168.0.1 , nothing in my network uses that IP

Did you click this link, which is an example of exposed UPnP vulnerability result? »www.grc.com/su/UPnP-Exposed.htm

or did you click this link, then click Services/ShieldsUP!, then run the UPnP test? »www.grc.com/intro.htm


mikev
Premium
join:2002-05-04
Leesburg, VA
Reviews:
·Comcast
·Verizon FiOS
·Callcentric
reply to birdfeedr
said by birdfeedr:

Does FiOS MDU ONTs using VDSL do this? Maybe.

Nope. I'm on one... My router has its own public WAN address. Also, I don't use PPPoE... My modem provides an ethernet connection that the router plugs into. The router just uses DHCP to get its IP address, no PPPoE.