Menu
Reply
  • 5
  • 0
  • 0
somerset333
Joining in
510 Views
Message 1 of 13
Flag for a moderator

Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerability.

I have now received two letters about this.  I do not have a superhub or any of the Virgin Media hubs shown in the photos. There are no details about a password etc. as given in the guidance.  I only use a mac at the moment, and when I co to security settings (firewall) there are no options to block the specific ports mentioned ( UDP ports 161 and 162.) The only way to block apps is by name.  I have blocked everything but Dropbox that is in the list shown. (I have another laptop, but I never use it and I no longer have any security software on it) I can't help but wonder if this is the device being found with the security risk.  I am not really keen to spend a 1 off £35 to have someone solve something which I could do myself with proper instructions.  Is there anyone out there who can tell me what I am missing here and why I can't find the correct instructions for my situation?  Thanks so much !

0 Kudos
Reply
  • 13.35K
  • 590
  • 1.64K
gary_dexter
Alessandro Volta
477 Views
Message 2 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerability.

Let me guess - does the letter direct you towards using their "gadget rescue" service or something similar?
*****
If you think my answer has helped - please provide me with a Kudos rating and mark as Helpful Answer!!
I do not work for Virgin Media - all opinions expressed are of my own and all answers are provided from my own and past experiences.
Office 365, Dynamics CRM and Cloud Computing Jedi
  • 13.01K
  • 371
  • 1.06K
Moderator
Moderator
450 Views
Message 3 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

Hi somerset333,

 

Thanks again for getting in touch, I've replied to your post in the thread here, lets get the engineer out and the the old modem swapped, hopefully this will help.

 

If you then have any further problems or follow up letters we'll review what needs be done next.

 

Cheers

 

 

Ralph_R
Forum Moderator

The do's and don'ts. Keep the community welcoming for all. Follow the house rules


0 Kudos
Reply
  • 1
  • 0
  • 1
Monkeychap
Just joined
325 Views
Message 4 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

I just got one of these letters too, and I have to say it smells a bit funny. The website provided by Virgin does not provide sufficient information to solve the problem, so I can only assume the letter's purpose is to scare customers into using their gadget support service.

Virgin Media needs to update the guidance with:

* How to block SNMP for more than one IP address (it's DHCP, so no way to know which IPs to block) on the Superhubs, or am I supposed to enter the rules 510 times ?

* Provide updated guidance for Apple products as the weblinks they lazily put on there date back to 2012 and do not work with the latest airport utility software.

If those letters are going out to the elderly and vulnerable, VM should be ashamed of themselves - esp. as the routers do not block SNMP by default. I'm sure OFCOM would be interested in this.

 

 

  • 6
  • 0
  • 1
Ann_Farr
Tuning in
230 Views
Message 5 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

I've just received a letter from VM about this SSDP Vulnerability Alert and have been everywhere they suggest but still understand nothing. Thought I'd block ports 161 and 162 on the Super Hub but cannot find these specific ports, nor a 'Port Blocking Rules Table' as suggested on the Hub site, nor anything else I understand. I'm a Mac user. Always considered myself fairly good at looking after the network but perhaps I'm now in the realm of 'old and vulnerable' and would really like any communication from VM to be written in plain (not techie) English. So unless someone (Virgin Media listening?) can tell me precisely what I should  do, I'll just have to leave it as is.

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
227 Views
Message 6 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

The SSDP Vulnerability page is currently incorrect, and has the information for SNMP instead.  Virgin have been informed and do plan to correct this later today.

SSDP uses Port 1900 UDP instead.

I've set up port forwarding so inbound packets on that port go to a port that does not listen for those connections.  See my post here.

http://community.virginmedia.com/t5/Security-matters/mDNS-and-SSDP-vulnerabilities-a-suggestion-for-...

While mainly about mDNS I've used the same approach for both services.

________________________________________


Only use Helpful answer if your problems been solved.

  • 6
  • 0
  • 1
Ann_Farr
Tuning in
220 Views
Message 7 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

Thank you ravenstar68. Not sure I understand this either, sorry. Have never used port forwarding -- in fact the port thingie is a total mystery to me as I just let our Macs choose for themselves (I think!). Don't even know what DMZ is, other than the DeMilitarised Zone which existed once ... 

Anyway, I'll read your linked post again and if I don't understand I'll wait for a hint from Virgin. But thank you so much for your help.

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
214 Views
Message 8 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

What router are you using?

Ravenstar68

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 6
  • 0
  • 1
Ann_Farr
Tuning in
209 Views
Message 9 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

VM's super Hub.

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
204 Views
Message 10 of 13
Flag for a moderator

Re: Can someone help, I have received a second letter from VM saying that I have an SNMP vulnerab...

There's actually 4 versions of the Superhub

This help article by Virgin Media Will guide you through setting up port forwarding.  Click the picture that matches your hub.

Add a rule for port 1900 UDP to go to an IP address you are not using - e.g. 192.168.0.253 (Don't use 255 as that has a special meaning to the network and is not allowed).

Ravenstar68

________________________________________


Only use Helpful answer if your problems been solved.