Forum Discussion

pchana's avatar
pchana
On our wavelength
5 months ago
Solved

Open Port 53

Hi there,

I received an email from [REMOVEDVirginMedia.com yesterday stating that a device connected to my home network had been identified as having a potential Open DNS Resolver (ODNSR) Vulnerability.

I have a ASUS BE98 Router all settings have been left on default, any help to resolve this would be greatly appreciated, as I am not very tech savvy. 

Mod Edit : Private information has been removed. Please see our forum guidelines for more information

  • Client62's avatar
    Client62
    5 months ago

    Have you performed a full factory reset of the  ASUS BE98 Router
    and updated it to the latest ASUS firmware ?

    The problem persists ... 

    > nslookup hp.com cpc159435-dudl15-2-0-cust30.16-1.cable.virginm.net

    Server:  cpc159435-dudl15-2-0-cust30.16-1.cable.virginm.net
    Address:  86.16.144.31

    Non-authoritative answer:
    Name:    hp.com
    Addresses:  15.72.80.135
              15.73.145.56

38 Replies

Show More
  • pchana's avatar
    pchana
    On our wavelength
    5 months ago

    Hi Guys thanks for all your advice I have followed all your advice I have just received another email for virgin that I still have a Open DNS Resolver (ODNSR) Vulnerability. dated 4th February. I cant see anything open. have turned everything off.

  • Client62's avatar
    Client62
    Alessandro Volta
    5 months ago

    Have you performed a full factory reset of the  ASUS BE98 Router
    and updated it to the latest ASUS firmware ?

    The problem persists ... 

    > nslookup hp.com cpc159435-dudl15-2-0-cust30.16-1.cable.virginm.net

    Server:  cpc159435-dudl15-2-0-cust30.16-1.cable.virginm.net
    Address:  86.16.144.31

    Non-authoritative answer:
    Name:    hp.com
    Addresses:  15.72.80.135
              15.73.145.56

  • pchana's avatar
    pchana
    On our wavelength
    5 months ago

    yes I have done full reset and it is on latest firmware.

  • pchana's avatar
    pchana
    On our wavelength
    5 months ago

    checked ports on here https://www.yougetsignal.com/tools/open-ports/says ports are closed i.e. 53

    • Buffer6's avatar
      Buffer6
      Legend
      5 months ago

      Download Malwarebytes and run a scan, there might be some onboard software that's using it when it's running.

    • legacy1's avatar
      legacy1
      Alessandro Volta
      4 months ago

      https://www.thinkbroadband.com/tools/open-dns-resolver-check

      If the above shows good VM is just sending spam

  • Client62's avatar
    Client62
    Alessandro Volta
    4 months ago

    The OPs Public IP functions as a Public DNS and resolves nslookup requests,
    a DNS leak test reveals a VM DNS is servicing the requests.

    So either ...  

    1) The ASUS Router is responding i.e. A configuration issue or security defect.

    2) A device connected to the ASUS Router has opened Port 53 and is responding.

     

  • pchana's avatar
    pchana
    On our wavelength
    4 months ago

    hi guys

    I've disconnected everything, I've done another factory full reset of the router reconnected devices. 

    I did a nslookup its coming back as DNS request timed out

    Server unknown

    tried several addresses all come as server timed out

    can someone from virgin media confirm all is ok now please.

    thanks.

  • Client62's avatar
    Client62
    Alessandro Volta
    4 months ago

    Assuming you are still on the same IP, it does look fixed.

    • pchana's avatar
      pchana
      On our wavelength
      4 months ago

      yes still on same IP done a full factory reset on router.