Posted: Sun Feb 05, 2012 20:40 Post subject: MI424WR Rev D ports 23, 80, and 53 open
Hi, I have a bit of experience working with DD-WRT, I have flashed at least 60 Broadcom devices, I have searched for my problem and have come up empty.
I'm running DD-WRT v24-sp2 (08/07/10) std
(SVN revision 14896) the latest from the router database (which the wiki points to)
as the title says these 3 ports are open, I can telnet in with username root (even though I changed it to something else in configuration) and my password, and also use web gui remotely even though both are specifically disabled. I don't know what vulnerabilites port 53 (DNS) is exposing me to...
Is there an updated build that I can use that I can flash? With a Broadcom device I know that there is a bunch of versions to choose from. I'm not sure if the same applies here.
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Thu Feb 09, 2012 21:56 Post subject:
if you want to close these ports from inside too, simply disable telnet, httpd and dnsmasq _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
I made the same mistake. I port scanned my WAN IP with NMap and saw those same ports open, but apparently it wasn't really scanning the WAN IP from the outside. I promptly closed http access to close port 80 and locked myself out of the GUI (fixed it by Telneting in).
If you use one of the web based port scanners they will show those ports closed.
I don't quite get why NMap didn't do the scan I thought it was doing - must be something to do with routing tables I suppose.