Author Topic: Would it be safe to close the port 7547, shown as vulnerable by wifi inspector  (Read 3024 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, I begin this as a new topic, as i heard the recent router attackers point to this port for attacking the routers. Avast scan, shows vulnerability and one need to close it. Ok.
               But my point is , if the default settings need the port to be open, would it not stop some function of internet access, if you close the port and disable the configuration. What i want to ask it , whether could one safely close the port. I do not know, but most routers have their configurations for tr69 configuration, thro this port. If i disable, as avast could read my external ip, would it not stop any internet access . Suppose, servers are configured in such a way to give you external ips thro this port? i do not know. I want experts from this forum to tell me more on this

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83341
  • No support PMs thanks
Personally I feel that you this should be in your other topic because it keeps all information together and keeps it in context.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, Pl say the topic and then i will join this there. Since it is a general issue, i thought of making a separate topic, sir

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, Please also see this link
It says that the vulnerability exists not in tr 69 but it also involves tr 64 outdated.
http://www.qacafe.com/knowledgebase/home-router-attack-tr-069-vulnerability/
The extract is enclosed as jpeg

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31345
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Your ISP is very likely using that port to access the router when needed.
Ask them if they will allow you to close it.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, It is true if they provide the router. Normally that port is used by vendors or other attackers who use that port to peep in to your router. I just unchecked the enabled switch in my router and it is not found again by wifi inspector.Normally you use your own router with isp configuration to get internet access. Most of the service providers do not look deep in to the router whether that port or anyother port is open for vulnerability attacks.
                     They just check in some entries like their circuit , their bb userid pw etc. If something happens, then we could just open the router page to enable it .
                     What is puzzling me, is if i configure router to get auto dns, the avast scan specifically alerts two dns hns hijacked domains vk.com and yandex.ru. Did you hear that eddy?
                         Could it be that the dns autoconfigured dns is going to their websites. I do not know so i ask the forum.
i have not seen vk.com or yandex.ru.
                      Is it example com of hijack or actually compromized dns address. I changed to google dns to rectify that.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi,
           Moreover i want to know from staff or fourm members , whether wifi inspector scan only scans the network of all the devices connected , and if it shows the computer is without problem, then is the dns server which is connected thro router (if you have not made any change in the adopter settings outside the router) is the cause for the hijacked domains alert by wifi inspector?
                  How could i check that servers ip, if i select automatically obtain ip address in my ipv4 configuration? How avast comes with that coms? Is it in their data base of scanning sites? or is it found out on scanning individual machines

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, expecting some kind of reply

Offline stibi

  • Sr. Member
  • ****
  • Posts: 386
Hi,

maybe you would pack all your questions (about half a dozen over the last days...) together.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 348
Hi, Stibi, i considered your suggestion. But mixing up all questions would not be ideal , if i want clarifications on one subject, but in differrent angles. If answers could be received for specific questions, on the same subject, it will augur well for other users also. sharing is all about.
                       For eg. i raised a question on yandex.ru and vk.com hijack vulnerabilities. Those sites are never touched by me for any purpose. My computer is said to be not infected with any vulnerability but my router was said to be weakly protected. i have changed the dns server and the scan completed without any vulnerability in the future scans. So, there is protection given, when i change the dns. But i raised a query, whether those coms are actually giving me vulnerability or is it example .com shown by avast. This i could not raise in general vulnerabilities to get the apt answer. Anyhow, i will try to ask few questions hereafter