02-04-2014 8:49 PM
We have U-verse with a 2-wire 3800HGV. It fails the Security Metrics security audit because it has open ports 3479, 49152 and 61001. There seems to be no way to close these ports. The modem firewall is set to Stealth mode with Maximum Protection and no pinholes or applications selected. This will cost us a substantial amount of money on our merchant credit card usage unless we can resolve this. Is there a way to close these ports on the 3800HGV? Is there another U-verse compatible RG that does not have open ports that can't be closed?
02-04-2014 10:45 PM
02-05-2014 8:19 AM - edited 02-05-2014 8:22 AM
Even purchasing your own router as my thoughs said may not be enough to avoid the credit card company's software identifying these open ports.
You might be able to set up your own router as the DMZPlus device, and that would definitely protect everything behind it, but the merchant credit card company's tools might still identify these ports as being open, because the 2Wire intercepts them before they reach your router.
If they are penalizing you for having these ports open, you might have a discussion with one of their technical people and explain that it's impossible to close these ports on AT&T's U-Verse service, and if they won't budge, then you'll have to investigate a different Internet Service Provider.
10-28-2015 3:45 PM
I'm in IT Security and am helping a Salon owner who was failing her PCI audit for the same reasons. While looking at her vulnerability scan results both tcp/61001 and tcp/3479 where failing due to SSL and TLS vulnerabilities. Her ATT modem has no way to block those in the firewall and it's the first Internet facing device, so I thought we were out of luck. In a last ditch effort I set up two port forwarding rules, one for each, and forwarded it to the router which doesn't have any services listening on those ports. I then confirmed with telnet that the ports are no longer publicly accessible! This got her to pass the audit when they did a rescan. Yay! Still, not cool ATT for opening up insecure services on people's devices with no normal way of shutting them off.
Welcome to the AT&T TV Hub!We have some helpful articles located under TV Hot Topics.On the left you will see DIRECTV and U-verse TV links. Click on those links for more information regarding Apps, Billing, and TV troubleshooting tips.
© 2017 AT&T Intellectual Property.This link will open a new window All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.
Congratulations! You earned the Liz badge!