cancel
Showing results for 
Search instead for 
Did you mean: 

I need a help with Potential changes in port obstructing conduct?

Jesicaalban4
Joining in

Hello,

Whenever Now and again I play out an outer sweep on my organization so I can check that I haven't done anything moronic. For convenience I will more often than not utilize the "all assistance ports" choice.

Since I joined virgin media a couple of years prior, while running the test I generally saw "shut" (blue square) against a portion of the tricky ports, for example, netbios and some dangerous Microsoft administrations.

My supposition that was that they were impeded by the ISP as they should not be being reachable across the web. Be that as it may, I ran it earlier today to really look at something, and all ports are displayed as a green square, and that implies secrecy.

Any Help will be Appreciated

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

DJ_Shadow1966
Very Insightful Person
Very Insightful Person

Hello

Virgin Media's Blocked Internet Ports

In order to protect our customers and our network, a number of ports on the Virgin Media network are blocked.

Ports on the Internet are like virtual doors that data can pass through. All internet traffic passes through ports to get to and from systems and services across the Internet.

When a certain port is known to be subject to security vulnerabilities, we sometimes block that port on our network.

These ports are blocked at network-level. Traffic over these ports within your home network will continue to operate as normal, but will be inaccessible to devices outside your network.

Blocked ports TCP & UDP ports 135, 137, 138, 139 – Used by the NetBIOS service

NetBIOS services allow file sharing over a local network. When exposed to the Internet, it can be exploited to carry out malicious activities such as Distributed Denial of Service (DDoS) attacks or to gain unauthorised access to systems on a local network.

TCP & UDP port 445 – Used by the SMB protocol

Port 445 is vulnerable to a number of attacks which target vulnerabilities in systems running file-sharing services. This port is used by various malware strains to gain entry to a network, namely the WannaCry and Nimda malware variants.

Regards Mike

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

See where this Helpful Answer was posted

9 REPLIES 9

DJ_Shadow1966
Very Insightful Person
Very Insightful Person

Hello

Virgin Media's Blocked Internet Ports

In order to protect our customers and our network, a number of ports on the Virgin Media network are blocked.

Ports on the Internet are like virtual doors that data can pass through. All internet traffic passes through ports to get to and from systems and services across the Internet.

When a certain port is known to be subject to security vulnerabilities, we sometimes block that port on our network.

These ports are blocked at network-level. Traffic over these ports within your home network will continue to operate as normal, but will be inaccessible to devices outside your network.

Blocked ports TCP & UDP ports 135, 137, 138, 139 – Used by the NetBIOS service

NetBIOS services allow file sharing over a local network. When exposed to the Internet, it can be exploited to carry out malicious activities such as Distributed Denial of Service (DDoS) attacks or to gain unauthorised access to systems on a local network.

TCP & UDP port 445 – Used by the SMB protocol

Port 445 is vulnerable to a number of attacks which target vulnerabilities in systems running file-sharing services. This port is used by various malware strains to gain entry to a network, namely the WannaCry and Nimda malware variants.

Regards Mike

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Client62
Legend

With Hub 3 in Router mode, when the Firewall is enabled the ports do not respond ( Stealth / Green ), with the Firewall disabled the ports respond as closed ( Closed / Blue ).

用心棒
Very Insightful Person
Very Insightful Person

@Client62 wrote:

With Hub 3 in Router mode, when the Firewall is enabled the ports do not respond ( Stealth / Green ), with the Firewall disabled the ports respond as closed ( Closed / Blue ).


Out of curiosity, where are you seeing these green, blue indicators?


@DJ_Shadow1966 wrote:

Hello

Virgin Media's Blocked Internet Ports

In order to protect our customers and our network, a number of ports on the Virgin Media network are blocked.

Ports on the Internet are like virtual doors that data can pass through. All internet traffic passes through ports to get to and from systems and services across the Internet.

When a certain port is known to be subject to security vulnerabilities, we sometimes block that port on our network.

These ports are blocked at network-level. Traffic over these ports within your home network will continue to operate as normal, but will be inaccessible to devices outside your network. BallSportsPro

Blocked ports TCP & UDP ports 135, 137, 138, 139 – Used by the NetBIOS service

NetBIOS services allow file sharing over a local network. When exposed to the Internet, it can be exploited to carry out malicious activities such as Distributed Denial of Service (DDoS) attacks or to gain unauthorised access to systems on a local network.

TCP & UDP port 445 – Used by the SMB protocol

Port 445 is vulnerable to a number of attacks which target vulnerabilities in systems running file-sharing services. This port is used by various malware strains to gain entry to a network, namely the WannaCry and Nimda malware variants.

Regards Mike


Thanks you for Answer I really Appreciated.

Hi @Jesicaalban4 

As you've confirmed on another thread that you've resolved your issue, we will take steps to have them closed. Thanks for your updates and I hope your services run more smoothly for you moving forward.

Regards

Lee

Try a port scan with via the GRC ShieldsUP  website : https://www.grc.com/x/ne.dll?bh0bkyd2

用心棒
Very Insightful Person
Very Insightful Person

@Client62 wrote:

Try a port scan with via the GRC ShieldsUP  website : https://www.grc.com/x/ne.dll?bh0bkyd2


AFAIK regardless of the Hub's firewall setting ports 135, 137, 138, 139 and 445 are always reported as closed.

The problem is that Virgin's network infrastructure should prevent unauthorized access to these ports, instead of depending on the consumer modem that is installed at the customer's location. This is especially true for the Virgin modem router, which can operate in two modes. When it is in the router mode, the ports are in stealth (no reply to the attacker). When in modem-only mode, ports report as closed (reply to the attacker and confirmation of a vulnerability and attack feasibility). This is a serious issue. The hardware that Virgin is using should be set up to not respond to any port scanning techniques, whether they are known or not. But they have not done this, which exposes customers to potential attacks, both current and future. This could lead to a legal action against them on this matter.

用心棒
Very Insightful Person
Very Insightful Person

What is observed that indicates network traffic on those ports reaches the Hub?