dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2314
share rss forum feed


Parad0X787
"If U know neither the enemy nor yoursel
Premium
join:2013-09-17
Edmonton, AB

3 recommendations

Your router backdoor 32764 ¿ ¿

Find out ...... your router backdoor
[ »www.ghacks.net/2014/01/06/find-r···t-32764/ ]


Midniteoyl

join:2013-11-22
Knox, IN
kudos:1

TP-Link TL-407T+ v2.1 is not open..



Gone Fishing
Premium
join:2001-06-29

1 edit

1 recommendation

reply to Parad0X787



Parad0X787
"If U know neither the enemy nor yoursel
Premium
join:2013-09-17
Edmonton, AB

Click for full size
Sehr gut und Danke .... ACK


ZZZZZZZ
Premium
join:2001-05-27
PARADISE
kudos:1
reply to Parad0X787

not my Linksys.

NefCanuck

join:2007-06-26
Mississauga, ON
reply to Parad0X787

Dlink 655 HW rev. A1, no backdoor for you!

NefCanuck



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to Parad0X787

Click for full size
My 2Wire 2701 gateway seems to be good.


DannyZ
Gentoo Fanboy
Premium
join:2003-01-29
Erie, PA
reply to Parad0X787

Westell 6100G Rev H tests negative.



Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:10
reply to Parad0X787

Cisco RV220W tests negative.

KoRnGtL15
Premium
join:2007-01-04
Grants Pass, OR
reply to Parad0X787

Linksys E4200 v1 with latest firmware seems to be fine.


planet

join:2001-11-05
Oz
kudos:1

I used Shields Up and scanned TCP 32764, all stealthed up...Linky e1500.



DarkSithPro

join:2005-02-12
Tempe, AZ
kudos:2

3 recommendations

reply to Parad0X787

No need to install a program. GRC can do it right here: »www.grc.com/port_32764.htm


HELLFIRE
Premium
join:2009-11-25
kudos:12
reply to Parad0X787

R1811#sh log | i 32764
Jan  6 2014 18:43:52.543 MST: list INBOUND_ACL denied tcp 198.199.98.246(60981) -> XX.XX.XX.XX(32764), 1 packet
Jan  6 2014 18:43:53.543 MST: list INBOUND_ACL denied tcp 198.199.98.246(60983) -> XX.XX.XX.XX(32764), 1 packet
Jan  6 2014 18:43:54.555 MST: list INBOUND_ACL denied tcp 198.199.98.246(60987) -> XX.XX.XX.XX(32764), 1 packet
Jan  6 2014 18:44:35.912 MST: list INBOUND_ACL denied tcp 4.79.142.206(37484) -> XX.XX.XX.XX(32764), 1 packet
Jan  6 2014 18:45:14.365 MST: list INBOUND_ACL denied tcp 4.79.142.206(37495) -> XX.XX.XX.XX(32764), 1 packet
Jan  6 2014 18:47:21.235 MST: list INBOUND_ACL denied tcp 4.79.142.206(37537) -> XX.XX.XX.XX(32764), 1 packet
 

Nope! No One Home Here!

//in the voice of Rocky The Rabid Racoon

Regards


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:12
reply to Parad0X787

Click for full size
 


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:10

1 recommendation

reply to Parad0X787

Re: Your router backdoor 32764 ¿ ¿

I'd be interested to see if someone posts a positive.



Hank
Searching for a new Frontier
Premium
join:2002-05-21
Burlington, WV
kudos:2
reply to DarkSithPro

Using the GRC test we are good here also.



DarkSithPro

join:2005-02-12
Tempe, AZ
kudos:2

said by Hank:

Using the GRC test we are good here also.

Poor Steve Gibson . He's going to be looking at his logs one day and wonder why all these IP's are testing port 32764. Hahah...

Midniteoyl

join:2013-11-22
Knox, IN
kudos:1

He has a page set up just for the 32764 port..



DarkSithPro

join:2005-02-12
Tempe, AZ
kudos:2

said by Midniteoyl:

He has a page set up just for the 32764 port..

Suweet, where?


Parad0X787
"If U know neither the enemy nor yoursel
Premium
join:2013-09-17
Edmonton, AB

1 recommendation

reply to Dustyn

Some replies "port listening" ...... and could NOT showing here, cause TOS volation ???

Midniteoyl

join:2013-11-22
Knox, IN
kudos:1

1 recommendation

reply to DarkSithPro

said by DarkSithPro:

Suweet, where?

Was linked to by DarkSithPro above.. »www.grc.com/port_32764.htm

Looking at it, maybe not specific, but already inputted..


DarkSithPro

join:2005-02-12
Tempe, AZ
kudos:2

1 recommendation

said by Midniteoyl:

said by DarkSithPro:

Suweet, where?

Was linked to by DarkSithPro above.. »www.grc.com/port_32764.htm

Looking at it, maybe not specific, but already inputted..

"/me slaps forehead"

Midniteoyl

join:2013-11-22
Knox, IN
kudos:1

HAHAHAHA!

I'm sorry.. that was too funny to pass on



bluepoint

join:2001-03-24
reply to Parad0X787

Click for full size
Good to go according to GRC.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4
reply to Parad0X787

I tried the GRC test and got - "Your Connection is Proxied" and we can't test because of that. This was not because I use a local proxy but because of a new privacy app for Fx and SM browsers.

So, I had to disable Secret Agent so GRC could see my real IP address and then it said the port is stealthed. I have a Netgear router.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson



Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:12
reply to Parad0X787

Its good none of us have gotton a positive result on this!



norwegian
Premium
join:2005-02-15
Outback
reply to Parad0X787

Re: Your router backdoor 32764 ¿ ¿

I seem to be coming back all good, no matter which browser is used.
I also found this link as well via the link for port forwarding and it was blocked as well:
»www.yougetsignal.com/tools/open-ports/
By default it loaded port 80, but you can change it for the test to port 32764.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke


reply to Hank

The GRC test above wont work because the backdoor is on the lan side not the wan. This is why they had a python test.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4

1 recommendation

But isn't the German Router Backdoor Scanner test checking in the same manner as GRC?



Pjr
Don't Panic

join:2005-12-11
UK

1 recommendation

reply to catinyourisp

From »github.com/elvanderb/TCP-32764 (Link from article in OP).

...
if it's listening on the internet: add a firewall rule in the web UI
...
it also seems to work on the LAN side.
...
Backdoor LISTENING ON THE INTERNET confirmed in :
...

The article in the OP gives 4 methods to check for the open port and one of them is from the WAN side.
--
Overflow error in /dev/null