Menu
Reply
  • 3
  • 1
  • 0
Tuning in
104 Views
Message 1 of 6
Flag for a moderator

VirginMedia email: portmapper vulnerability

A question for the technologically minded please.

Got another email from VM today about portmapper vulnerability. The link says to close UDP port 111. I did this following the first email some months ago.

I have a Superhub 2ac in modem mode connected to a Netgear router. The router firewall is already set to deny port scans and DoS attacks. There is no DMZ. Port 111 is already blocked for UDP and TCP (done after an earlier email).

This was confirmed by using the ShieldsUP! port scanner, tested twice by scanning ports 1-1056 and then port 111.

portscan.png

Why then am I getting these emails?

0 Kudos
Reply
  • 1.74K
  • 93
  • 244
Superfast
102 Views
Message 2 of 6
Flag for a moderator
Helpful Answer

Re: VirginMedia email: portmapper vulnerability

the first time you got it, was UDP port 111 open? if so, did you open it?
do you currently have any ports open via port forwarding?

-----------------------------------------------------------

My Broadband Ping - spgray

  • 3
  • 1
  • 0
Tuning in
98 Views
Message 3 of 6
Flag for a moderator
Helpful Answer

Re: VirginMedia email: portmapper vulnerability

Thanks for your reply.

I think UDP 111 was open when I got the first email. Closed it down at that time.

Checked the router settings and I currently have no ports open via forwarding/triggering.

0 Kudos
Reply
  • 1.74K
  • 93
  • 244
Superfast
96 Views
Message 4 of 6
Flag for a moderator
Helpful Answer

Re: VirginMedia email: portmapper vulnerability

anything currently using uPnP?

-----------------------------------------------------------

My Broadband Ping - spgray

  • 3
  • 1
  • 0
Tuning in
89 Views
Message 5 of 6
Flag for a moderator

Re: VirginMedia email: portmapper vulnerability

Had a look at the router portmap table.

My NAS (connected to router via Ethernet cable) currently using UPnP for NFS service on the LAN on ports 111, 892 and 2049. That's so I can access NAS files from desktop PC or laptop connected to my home network.

I thought that if router is configured to block 111 then NFS should work on the other ports.

Is this the problem? Can easily disable NFS and use another service (sFTP/SMB/AFP).

I did think of UPNP as the problem and did a UPnP probe at ShieldUp!

UPnP Probe.png

This networking business is very complicated. Appreciate the help.

0 Kudos
Reply
  • 2.62K
  • 158
  • 210
Moderator
Moderator
13 Views
Message 6 of 6
Flag for a moderator

Re: VirginMedia email: portmapper vulnerability

Hi dracp,

 

Thanks for posting here.

 

It's been a while since you last posted, so I'm hoping you've now had the help you need?

 

If not, please pop back to us here.

 

Thank you,

 

Melissa

0 Kudos
Reply