Menu
Reply
  • 2
  • 0
  • 0
OnlineD
Joining in
369 Views
Message 1 of 5
Flag for a moderator

SSDP Letter

I have received a letter suggestion I block ports 161 & 162 on my router.  In the letter it provides a link to a completley useless page which is supposed to tell you how to do this.  It states

  • Access your Hub's configuration page - default web address: 192.168.0.1
  • Login with your username and password, default will be shown on the Hub itself
  • Select Advanced Settings
  • Select Port Blocking
  • Select Predefined Rule Service
  • Enter: 161 & 162

Now I have done this but I am presented with the following

Service - drop down with a load of options - which one do I select?

Add rule
Name
Start port - I assume I enter 161  here
End port - I assume I enter 162 here

Protocol - drop down with TCP / UDP or TCP&UDP as options - which one do I select?

IP Address which is set to 192.168.0. and I can fill in the last

 

The support page simply states select predefined rule service which appears to bear no relation to the options available to me.

Can anyne please help?

0 Kudos
Reply
  • 3.51K
  • 203
  • 982
Sololobo
Wise owl
336 Views
Message 2 of 5
Flag for a moderator

Re: SSDP Letter


OnlineD wrote:

I have received a letter suggestion I block ports 161 & 162 on my router.  In the letter it provides a link to a completley useless page which is supposed to tell you how to do this.  It states

  • Access your Hub's configuration page - default web address: 192.168.0.1
  • Login with your username and password, default will be shown on the Hub itself
  • Select Advanced Settings
  • Select Port Blocking
  • Select Predefined Rule Service
  • Enter: 161 & 162

Now I have done this but I am presented with the following

Service - drop down with a load of options - which one do I select?

Add rule
Name
Start port - I assume I enter 161  here
End port - I assume I enter 162 here

Protocol - drop down with TCP / UDP or TCP&UDP as options - which one do I select?

IP Address which is set to 192.168.0. and I can fill in the last

 

The support page simply states select predefined rule service which appears to bear no relation to the options available to me.

Can anyne please help?


Make sure you've blocked UPnP at your Internet gateway (router). Specifically configure your firewall to block any system from outside your LAN from accessing port 1900/UDP, and if you have any Windows systems also block port 2869/TCP.

Ports 161 and 162 are used for SNMP,.Why it has been suggested you block them with regard to a potential SSDP vulnerability seems strange.




It's What I Do.
I Drink and I
Remember Things.
  • 13.66K
  • 720
  • 4.73K
Superuser
Superuser
326 Views
Message 3 of 5
Flag for a moderator

Re: SSDP Letter

I think someone must have gotten SSDP and SNMP mixed up when writing their page here

http://virginmedia.com/ssdp

SSDP is not just used in routers.  I installed a UPnP browser on my system and the following devices showed up on my LAN

Router
Bush TV
Plex Media Server
Chromecast.

This is not unexpected as while UPnP is most often linked to routers, it's also involved in a lot more.  I've even seen a response from uTorrent

@Sololobo is quite correct - the port that needs closing is 1900UDP

Can I ask - do you currently have a device in the DMZ?

Ravenstar68

 

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 3.51K
  • 203
  • 982
Sololobo
Wise owl
323 Views
Message 4 of 5
Flag for a moderator

Re: SSDP Letter


ravenstar68 wrote:

I think someone must have gotten SSDP and SNMP mixed up when writing their page here

http://virginmedia.com/ssdp

SSDP is not just used in routers.  I installed a UPnP browser on my system and the following devices showed up on my LAN

Router
Bush TV
Plex Media Server
Chromecast.

This is not unexpected as while UPnP is most often linked to routers, it's also involved in a lot more.  I've even seen a response from uTorrent

@Sololobo is quite correct - the port that needs closing is 1900UDP

Can I ask - do you currently have a device in the DMZ?

Ravenstar68

 


I see what you mean about a mix-up between SSDP and SNMP in the VM help pages. Smiley Surprised

That's something VM should rectify ASAP, they are providing incorrect information to mitigate a different vulnerability. 

 




It's What I Do.
I Drink and I
Remember Things.
0 Kudos
Reply
  • 13.66K
  • 720
  • 4.73K
Superuser
Superuser
317 Views
Message 5 of 5
Flag for a moderator

Re: SSDP Letter

I've flagged the issue to the mods, via the Superusers board.

Ravenstar68

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply