1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRV54G Firmware v2.36 Security Flaw ?!?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Nemo, Sep 15, 2004.

  1. Nemo

    Nemo Network Guru Member

    I need help to verify a possible bug in the new Linksys firmware v2.36 for the WRV54G. I reset the router to factory defaults, then flashed it with the new firmware. To be sure I (hard) reset the router again, and then went to the Gibson Research Corporation "Shields UP!!" page:

    https://grc.com/x/ne.dll?bh0bkyd2

    and did a Common Ports Probe and found out that port 113 is CLOSED (which is normal for most routers), but I was surprised to see that port 443 (HTTPS) is reported as wide OPEN. javascript:emoticon('8O')
    Shocked All other ports probed by this site are in "Stealth" mode. I am not an expert, but isn't https, the http protocol over TLS/SSL, and unless you are running some sort of (commercial) site that needs that port to be open isn't this a bit risky? I contacted Linksys about this but all I got in response was their suggestion of d/l the firmware again, reset the router to default values and re-flash the firmware (all of which I've done twice now with the same results).

    Could some you that have this same router (mine is h/w v.02) and have flashed the firmware to v2.36 run the same test and post your results.

    Many Thanks !!! 8O
     
  2. TazUk

    TazUk Network Guru Member

    Yep mines showing as open too 8O

    I'm running the same versions i.e. firmware 2.36 and hardware rev. 02
     
  3. TazUk

    TazUk Network Guru Member

    Couldn't find a way to block it using the Access Restriction section so I've just redirected port 443 to an unused local IP, SheildsUp shows it as Stealthed now :)
     
  4. Nemo

    Nemo Network Guru Member

    I did the same (also for port 113 while I was at it) but it feels like a "hack".

    I wonder if (for port 443) this was an oversight by Linksys.


    Thanks for proving that I am not going insane javascript:emoticon(':D')
    Very Happy
     
  5. gaogi

    gaogi Network Guru Member

    443 is used by the QuickVPN client. The VPN client communicates with the router using https to exchange information needed to set up a VPN tunnel. The port is probably left open to listen for requests from the QVPN client.
     
  6. cyberpsych1

    cyberpsych1 Network Guru Member

    That being said, how do you go about securing 443 and 113?
     
  7. TazUk

    TazUk Network Guru Member

    ;)
     

Share This Page