I have had a few notices recently saying one of my devices may have an SNMP vulnerability. I have checked for rules in the hub 3 settings to delete that use ports 161/2 but the only one there does not allow me to delete it. The IP address that has automatically created it is from my CCTV system which I assume is to allow me to view remotely. I cannot see anything in the CCTV settings where port 161 is mentioned to change it. Is there a way I can block the port completely to stop getting more notices through? Thanks
I have done all of that but there are no rules I can delete. As in my original post the only thing that mentions port 161 is an automatic rule generated from an IP that is my CCTV system - there is nothing in my CCTV settings that shows port 161 being required so cannot remove it there either. Stumped!
So it looks like the CCTV is setting that up which is why you getting the messages. As you have done everything on your side and the hub the next point off call would be the manufacture of the CCTV system as from what you have said it is basically phoning home.
I have a good look around and cannot find anything else that could stop it, maybe a VM staff member would like to comment.
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
I have been experiencing the same issue and I was perplexed to see that there was no apparent way of disabling the 161. Like you I noticed that there was an automatic rule referencing the port which which was automatically applied by something called UPnP. I later found out that this is a reference to universal plug and play and all the security websites I visited suggested that this should be disabled immediately as this was a source of vulnerability. I went down to the UPnP tab and disabled this. All automatic rules then disappeared including the rule applying to port 161 so I am assuming that this port has been disabled.
Be warned, I have absolutely no idea what I am doing and just hope that I have not disabled something important. So far so good.
Ah yes the delights (and security implications) of UPnP!
The logic behind it is this, you have a CCTV camera which you might want to view from outside your home network, that's a real problem because the firewall in the Hub blocks any incoming traffic from the outside getting into your internal network unless it has been started by a device already in the inside - that's a bit of a massive oversimplification, I'm afraid.
So what you need to do is to make 'holes' in the firewall specifically to allow traffic in from the outside but only if it is a specific 'type' and if so forward it to a specific device on your network. This is referred to as port forwarding and to do it manually, you need the required information all to hand, the skill to know how to do it and frankly the VM Hub makes hard work of doing it at the best of times!
Introducing UPnP; which is a sort of industry standard for devices to automatically configure the firewall and basically say to them, my IP address is a.b.c.d, and I'd like you to allow any incoming traffic on these specific port numbers and forward it to me - thank you very much. And if UPnP is enabled then the firewall sets itself up accordingly.
You don't need to be a genius to work out what a massive potential security flaw this can be, it's all nice and convenient for you but you now have no idea what your devices are doing or what is being allowed in. I hate UPnP with a passion and kill it whenever I come across it on domestic equipment.
By turning it off, what you have probably done is to block access to your CCTV camera from the outside - if you want to get that working again, you'll need to consult the documentation for the camera to see what ports are required to be opened and secondly you will need to know the private IP address of the camera (ie the address that the Hub has allocated to it). And if you get stuck then come back here, there are plenty of posters who will be able to walk your through setting it all up or at least point you in the right direction.
Thanks guys. I have taken another look at the CCTV settings and found it in UPnP so turned it off. No more mentions in the hub settings so hopefully no more emails about vulnerability. CCTV remote app still workin too!