Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: jraju on May 12, 2017, 03:45:41 PM

Title: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 12, 2017, 03:45:41 PM

Hi, I begin this as a new topic, as i heard the recent router attackers point to this port for attacking the routers. Avast scan, shows vulnerability and one need to close it. Ok.
               But my point is , if the default settings need the port to be open, would it not stop some function of internet access, if you close the port and disable the configuration. What i want to ask it , whether could one safely close the port. I do not know, but most routers have their configurations for tr69 configuration, thro this port. If i disable, as avast could read my external ip, would it not stop any internet access . Suppose, servers are configured in such a way to give you external ips thro this port? i do not know. I want experts from this forum to tell me more on this

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: DavidR on May 12, 2017, 04:28:06 PM

Personally I feel that you this should be in your other topic because it keeps all information together and keeps it in context.

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 13, 2017, 05:57:03 AM

Hi, Pl say the topic and then i will join this there. Since it is a general issue, i thought of making a separate topic, sir

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 13, 2017, 06:21:46 AM

Hi, Please also see this link
It says that the vulnerability exists not in tr 69 but it also involves tr 64 outdated.
http://www.qacafe.com/knowledgebase/home-router-attack-tr-069-vulnerability/
The extract is enclosed as jpeg

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: Eddy on May 13, 2017, 11:21:19 AM

Your ISP is very likely using that port to access the router when needed.
Ask them if they will allow you to close it.

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 13, 2017, 01:13:50 PM

Hi, It is true if they provide the router. Normally that port is used by vendors or other attackers who use that port to peep in to your router. I just unchecked the enabled switch in my router and it is not found again by wifi inspector.Normally you use your own router with isp configuration to get internet access. Most of the service providers do not look deep in to the router whether that port or anyother port is open for vulnerability attacks.
                     They just check in some entries like their circuit , their bb userid pw etc. If something happens, then we could just open the router page to enable it .
                     What is puzzling me, is if i configure router to get auto dns, the avast scan specifically alerts two dns hns hijacked domains vk.com and yandex.ru. Did you hear that eddy?
                         Could it be that the dns autoconfigured dns is going to their websites. I do not know so i ask the forum.
i have not seen vk.com or yandex.ru.
                      Is it example com of hijack or actually compromized dns address. I changed to google dns to rectify that.

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 15, 2017, 05:46:28 AM

Hi,
           Moreover i want to know from staff or fourm members , whether wifi inspector scan only scans the network of all the devices connected , and if it shows the computer is without problem, then is the dns server which is connected thro router (if you have not made any change in the adopter settings outside the router) is the cause for the hijacked domains alert by wifi inspector?
                  How could i check that servers ip, if i select automatically obtain ip address in my ipv4 configuration? How avast comes with that coms? Is it in their data base of scanning sites? or is it found out on scanning individual machines

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 19, 2017, 06:24:03 AM

Hi, expecting some kind of reply

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: stibi on May 19, 2017, 10:09:37 AM

Hi,

maybe you would pack all your questions (about half a dozen over the last days...) together.

Title: Re: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector
Post by: jraju on May 19, 2017, 01:48:28 PM

Hi, Stibi, i considered your suggestion. But mixing up all questions would not be ideal , if i want clarifications on one subject, but in differrent angles. If answers could be received for specific questions, on the same subject, it will augur well for other users also. sharing is all about.
                       For eg. i raised a question on yandex.ru and vk.com hijack vulnerabilities. Those sites are never touched by me for any purpose. My computer is said to be not infected with any vulnerability but my router was said to be weakly protected. i have changed the dns server and the scan completed without any vulnerability in the future scans. So, there is protection given, when i change the dns. But i raised a query, whether those coms are actually giving me vulnerability or is it example .com shown by avast. This i could not raise in general vulnerabilities to get the apt answer. Anyhow, i will try to ask few questions hereafter