GRC Port Authority Report created on UTC: 2012-03-05 at 23:56:34
Results from scan of ports: 161, 4567
0 Ports Open
0 Ports Closed
2 Ports Stealth
---------------------
2 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
"To all those annoyed that BT even does this: Quit whining. Not everything is a **bleep** conspiracy. Complaining won't help. You can get rid of your hub if you want, but frankly I'm happy with my hub and see no reason to dump it; its security holes - intentional or not, whatever their reasons - can be safely sealed by the end user with just a little know-how, without impacting security or performance."
# netstat -nltu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:161 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2600 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8011 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:161 0.0.0.0:*
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 0.0.0.0:69 0.0.0.0:*
Thank you for your 2Wire recommendation and kind offer to send me appropriate links on ebay. In fact you already did that when I first posted about hardware a couple of weeks ago and before I migrated to Infinity. In fact I followed up one of your links and am the proud owner of a new unboxed 2Wire which I got for £10 - unfortunately I missed the one that went for 99p! I originally intended it as backup for the HH, but I may swap it and use the HH for that purpose once my 10 day settling in period is over.
BT told me that there is a 10 day training period for Infinity. Thats what I meant by settling in.
I had phoned them about my speed dropping a few days after installation from 37Mbs (BT speed tester) to very low levels indeed - even had it as low as 4Mbs which is just about the same as the ADSL line I had previously. Profile confirmed as still being at 38Mb. Weird thing the upload speed has hardly moved from the original 8Mbs.
A less drastic way is to disconnect/reconnect the router/hub to force a new PPP session & thus recalculate the real IP Profile. As the modem stays in sync, DLM will not take any action.
I am all at sea regarding how in reality my connection is actually performing - it was easy in the ADSL days with Netgear and RouterStats. I'm still experiencing real difficulties in getting a reliable set of stats to use as a benchmark and which I understand. The speedtest sites (including BT's own) seem to peform in very weird ways sometimes (and are very inconsistent both compared with each other and also on their own results for test performed very close together). My XP related issues (which was the subject of another thread I created - which was very helpfully answered by you guys) did not help.
conf set bt/bt_agent/enabled 0
conf reconf 1
Port 4567 is a throwback from the OpenRG software and it's not defunct TR-069 management. The hub now uses ACS for updates not TR-069. YOu can again block this on the 3A if you have CLI access by putting a rule in the firewall.Do we know where the UART port is? I'm happy to take my iron to my HH3, it's worthless until I can have OpenWRT on it, at least to me :)
Unlocking should not be a problem. It from what I can glean off the internet it's an openrg esque firmware so should be like the 2B / 3A unlock.
The hard part will be getting access to a cli. I am 99% sure that BT closed the simlink loophole we use to get access on the 2B and 3A from the initial firmware upwards so it may be hardware on the console port to unlock initially.
Just an update ref my HH3 (Type B).
I never permanently implemented the "workaround" solution posted on other forums regrading stealthing the open ports 161 and 4567.
QuoteJust an update ref my HH3 (Type B).
I never permanently implemented the "workaround" solution posted on other forums regrading stealthing the open ports 161 and 4567.
If you are able, please post the link(s) that are implied in the above. :)
b*cat, thought you were on TT ? Is it merely curiosity (cats are renowned for it) or do you have another reason for your interest in the HH3 ?
B*eagle is curious now ! :o
Today doing my usual ad hoc security checks of firewall and virus software I noted that port 4567 is now stealthed. And the "workaround" for port 161 now does not work. I've now tried it several times.
I cannot explain this and certainly do not like it. I think I will take my ebay 2Wire purchase out of its packaging and fire it up.........
Hi Blackeagle,
Just looking at the router - don't want to fiddle with the modem.
Does that mean I could use my old DG834 simply as a router with FTTC?