|
Port 4567 open on Actiontec Router using
Verizon FIOS
After switching to FiOS and testing my ports, I found that
port 4567 was open. If you test the
ports, be sure to use a scanner that can scan port numbers in
this range, or one that can scan any
single port.
I still don't know why the PORT is open but it appears that all
FIOS users have this open port on
the Actiontec router.
Some Forum Quotes:
The Actiontec Router has a web server running on that particular
port. The web server requires you
to authenticate with a username and password but it is a
different login than the admin account. It
is very likely a backdoor into the router either from Actiontec
or from Verizon. The port does not
show up in any configuration menu and it cannot be blocked, well
maybe it can see below. I
see it as a security issue since it
allows someone to access the router from outside my network.
This should never be the case.
Is there a fix for this? Perhaps yes, keep reading but beware
that Verizon has a reason to have this
port open possibly to access your set top boxes or something
else?
Also, another person said "Most likely" this port is open at
your computer, but gets intercepted
at the ISP level. The probe packets from the online scan never
reach your computer. But is this
true?
The port is on the router and it can be checked by doing a
telnet to the router on 4567. Or simply
type: »192.168.1.1:4567 in your browser. Also works for the
internet facing (WAN) IP address, which
you can get from the router status page or with various tools.
In any case the router is the one
that has a webserver running on port 4567 TCP. You will be
challenged for a username and password.
This all comes from the Actiontec router, which has an
undocumented server running on that port. See
the Verizon FIOS forum and look for this post: "Actiontec Router
has port open to world"
http://www.fiosfaq.com/content.php?contentid=79 (Good
information here)
One person reported after calling Verizon asking why a Dangerous
"known hackers port" was open for some cracker to sniff out.........They gave him
the run around telling him not to
worry the built in Firewall in the Router will protect you?
Another person said Verizon just could not answer this question.
I don't believe that Verizon support can help with this. They
can't help with router configuration
other than telling you to "Press the reset button...' for
default settings. Their training doesn't
seem to include any help with router configuration.
To fix this issue and block the port use the steps offered here.
http://www.fiosfaq.com/content.php?contentid=79
Ok, so I sent off a short email to
Actiontec. Their reply was good and very fast however it also
raised more questions.
You wrote to Actiontec:
What is the reason port 4567 is open to the world, and how can
we close it?
I have read that several other people are also asking this
question on
forums.
Thank You for any help with this.
The reply from Actiontec:
Its really not open to the "world", its connected to
a secure server maintained by VERIZON to automatically upgrade
your routers firmware when its connected to the FIOS network.
The MOTIVE server requires a connection on port 4567 to
constantly monitor your routers firmware and check for upgrades.
To my knowledge it cannot be exploited, but I honestly have not
tested it having no access directly to the FIOS network to try.
Ok, sounds good but then why just after we received FIOS did
Verizon tech support tell me to check the firmware version and
update if needed doing so through the routers setup page? Also
constantly monitoring your routers firmware seems a bit much
unless there is more to it than we know.
Come on Verizon let your customers know more about this
open port.
If anyone
out there has further good information about this,
please email NJhosting @
gmail.com (remove spaces) |
