Open Port

MollCMollC Member Posts: 5
First Comment Photogenic

Hi all, any advice on this would be GREATLY appreciated. My Fingbox’s vulnerability report for my home router shows Port 7547 (TCP) as having been manually opened for the past year or so. My ISP is of little help (more due to lack of knowledge than anything else) and I’m having no luck closing it manually myself. Has anyone run into anything similar with this port or know what it’s even used for? Google has been of little help. I suppose I could be configuring the firewall incorrectly but I don’t think I am. This is the only port that’s showing as open. The scan confirmed that port-forwarding is disabled. Thanks in advance for any assistance!!

Answers

  • rootedrooted Gulf Coast, USModerator Posts: 739
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    Yes it seems to be an issue if concern, it appears to possibly be used to exploit the device.

    Is your device made by Zyxel or possibly called Speedport?

    Countermeasures

    As a consumer, if you suspect that your modem is vulnerable or worse, exploited: Reboot your modem and check on firmware updates. For some ISPs, like Deutsche Telekom, firmware updates are avaialbe. But you will typically receive the firmware from your ISP, not the modem's manufacturer. ISPs customize firmware, like for example by enabling TR-069, and a "default" manufacturer provided firmware may not work for you.

    ISPs should (and typically will) restrict access to port 7547 and port 5555 if it is used for remote configuration. Modem should only accept connections from specific configuration servers. TR-069 implementations had vulnerabilities in the past, and it is very likely that additional issues will be found in the future. Restricting access to the port is necessary to protect the modem from exploits against unpatched vulnerabilities.

    nozero
  • MollCMollC Member Posts: 5
    First Comment Photogenic

    Thank you so much Rooted for taking the time to reply.. I am going to do as you advised.. reboot the modem & attempt to get a firmware update from my ISP (Spectrum).

    In the meantime, do you think you could tell me exactly how you think I should config the firewall to specifically close/block this port? Thanks

  • rootedrooted Gulf Coast, USModerator Posts: 739
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    Unfortunately I don't believe you can close the port yourself since it's opened by the gateway.

    What is the make and model of your gateway/router?

    nozero
  • nozeronozero Member Posts: 1
    First Comment Photogenic
    edited July 13
    @rooted
    Same situation regarding open port 7547, my router is DBDC ROUTER RAC2V1K Askey Computer Corp.  Advice welcomed!
  • SpicyBoySpicyBoy Member Posts: 2
    Photogenic First Comment

    maybe as a temporary measure set up a routing rule to forward that port traffic to an unused IP address. or perhaps a camera that is facing the wall. they won't figure it out that quickly then. although it's too late already. you never shake that feeling that they still lurking somehow. time to start formatting all your shit. other thing you can try is if your router has SSH accessability you can go in and use the kill command on whatever is happening around that port. keep an eye on it with top command.

Sign In or Register to comment.