Apparently the router provided by Verizon FIOS (Actiontec mi424wr) for internet/TV services has an opened port that can give details such as SSID, encryption type, wireless key, and possibly even more and also to people other than verizon. If there isn't a way to block the opened port (port 4567) would it be a good idea to just have the WAN disabled and hookup a sonic wall or two to the router (until we discover those badboys have some kind of backdoor as well lol) and have all computers connected to the sonicwalls or just avoid using the FIOS router entirely?
Blocking the "backdoor" in the FIOS router?
- Thread starter Altiris
- Start date
Solution
- Mar 16, 2013
- 171,421
- 17,889
- 184,590
That port is to allow Verizon techs to see what is going on in case you have to call them with an issue. Or reboot it remotely (you can do this from their website).
Turn off Remote Admin, and presumably no one other than Verizon techs can see what is going on, or access the router.
And if you have Verizon TV service, that ActionTec must be in the chain somewher. It is the central brain for the MoCA protocol, and talks to all the settop boxes. You can add a different downstream router, but that one from Verizon must be in there, as far as I know.
Turn off Remote Admin, and presumably no one other than Verizon techs can see what is going on, or access the router.
And if you have Verizon TV service, that ActionTec must be in the chain somewher. It is the central brain for the MoCA protocol, and talks to all the settop boxes. You can add a different downstream router, but that one from Verizon must be in there, as far as I know.
What could be going wrong with my Internet that would require them to have access to the router?. It's simple enough to solve if the problem of the Internet has to do with a failing hardware device, or conflict in IPs. ...which still may not even be detectable by them accessing the router and shouldn't even happen anyways if you only have one router connected. You didn't really help me answer anything, I am assuming turning off remote administration doesn't block the port, it will still be left open regardless. I don't mind using the fios router for TV as the information on there is nowhere near as important as it is on the Internet. I can always have a CAT5e cable straight from the ONT to another router or still to the fios router.
- Mar 16, 2013
- 171,421
- 17,889
- 184,590
In my ActionTec settings:
Networked Computer / Device Applications & Ports Forwarded WAN Connection Type Status Delete
localhost 127.0.0.1 Verizon FiOS Service Tcp Any -> 4567 All Broadband Devices Active
What might happen that they need to connect to your router? Any of a number of things.
"Hey...my internet doesn't work!"
'Well...lets see whats going on.'
They (or you) can send a reboot signal to the router, they can monitor signal strength (is it a problem in the router, or possibly a bad incoming signal?), etc, etc.
I do not believe there is a way to block that port directly in that router.
Further discussion here:
http://www.dslreports.com/forum/r23856781-Port-4567-open-Actiontec-Router-using-Verizon-FIOS
Specifically:
"Yes, it gives VZ limited access to your router, however, it is an encrypted protocol requiring valid SSL certificates. Not something that is easily hacked. Port 4567 is handled solely within the router and not forwarded to your LAN."
Networked Computer / Device Applications & Ports Forwarded WAN Connection Type Status Delete
localhost 127.0.0.1 Verizon FiOS Service Tcp Any -> 4567 All Broadband Devices Active
What might happen that they need to connect to your router? Any of a number of things.
"Hey...my internet doesn't work!"
'Well...lets see whats going on.'
They (or you) can send a reboot signal to the router, they can monitor signal strength (is it a problem in the router, or possibly a bad incoming signal?), etc, etc.
I do not believe there is a way to block that port directly in that router.
Further discussion here:
http://www.dslreports.com/forum/r23856781-Port-4567-open-Actiontec-Router-using-Verizon-FIOS
Specifically:
"Yes, it gives VZ limited access to your router, however, it is an encrypted protocol requiring valid SSL certificates. Not something that is easily hacked. Port 4567 is handled solely within the router and not forwarded to your LAN."
TRENDING THREADS
-
-
Question I’m going to build a budget pc these are the specs open to advice the budget is £500
- Started by NotSure25
- Replies: 4
-
-
News Chinese may be evading Nvidia GPU sanctions with Dell, Gigabyte, and Supermicro servers: Report- Started by Admin
- Replies: 3
-
Discussion What's your favourite video game you've been playing?- Started by amdfangirl
- Replies: 3K
-
Facebook
Twitter
Instagram