Helpful Links

2-Wire 3800HGV Has open ports. Fails security scan.

Contributor

2-Wire 3800HGV Has open ports. Fails security scan.

We have U-verse with a 2-wire 3800HGV.  It fails the Security Metrics security audit because it has open ports 3479, 49152 and 61001.  There seems to be no way to close these ports.  The modem firewall is set to Stealth mode with Maximum Protection and no pinholes or applications selected.  This will cost us a substantial amount of money on our merchant credit card usage unless we can resolve this.  Is there a way to close these ports on the 3800HGV?  Is there another U-verse compatible RG that does not have open ports that can't be closed?

1,484 Views
Message 1 of 4
Employee

Re: 2-Wire 3800HGV Has open ports. Fails security scan.

To my knowledge, the ports mentioned are for software updates that ATT sends out, approximately once per quarter.

All Uverse RGs are set to take uptakes, the only way I am aware of is to purchase your own router that has the features you require and place behind the RG in DMZ mode

But I do not know everything.
Employee Contributor*
*I am an AT&T employee and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.
Message 2 of 4
Highlighted
Expert

Re: 2-Wire 3800HGV Has open ports. Fails security scan.

Even purchasing your own router as my thoughs said may not be enough to avoid the credit card company's software identifying these open ports.

 

You might be able to set up your own router as the DMZPlus device, and that would definitely protect everything behind it, but the merchant credit card company's tools might still identify these ports as being open, because the 2Wire intercepts them before they reach your router.

 

If they are penalizing you for having these ports open, you might have a discussion with one of their technical people and explain that it's impossible to close these ports on AT&T's U-Verse service, and if they won't budge, then you'll have to investigate a different Internet Service Provider.

 

Message 3 of 4
Contributor

Re: 2-Wire 3800HGV Has open ports. Fails security scan.

Hello,

 

I'm in IT Security and am helping a Salon owner who was failing her PCI audit for the same reasons.  While looking at her vulnerability scan results both tcp/61001 and tcp/3479 where failing due to SSL and TLS vulnerabilities.  Her ATT modem has no way to block those in the firewall and it's the first Internet facing device, so I thought we were out of luck.  In a last ditch effort I set up two port forwarding rules, one for each, and forwarded it to the router which doesn't have any services listening on those ports.  I then confirmed with telnet that the ports are no longer publicly accessible!  This got her to pass the audit when they did a rescan.  Yay!  Still, not cool ATT for opening up insecure services on people's devices with no normal way of shutting them off.

Message 4 of 4
Share this topic
Announcements

Welcome to the AT&T TV Hub!
We have some helpful articles located under TV Hot Topics.
On the left you will see DIRECTV and U-verse TV links. Click on those links for more information regarding Apps, Billing, and TV troubleshooting tips.

Additional Support