Thread: Speedtouch 858i - some simple questions

  1. #1
    Markus R. Keßler
    Guest

    Speedtouch 858i - some simple questions

    Dear all,

    this afternoon my ISP (German Tele2) activated my ADSL account. They
    gave me a Thomson Speedtouch 858i cable modem, but something is
    still not clear to me - maybe someone out there has the same modem and knows if
    the following things are "bugs" or "features".

    - "Inside" my network I see several services running on the 858 - at least
    one, let's say httpd is needed to configure the box. But:

    $ nmap 192.168.1.254

    Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2009-08-08 21:07 CEST
    Interesting ports on 192.168.1.254:
    (The 1654 ports scanned but not shown below are in state: filtered)
    PORT STATE SERVICE
    21/tcp open ftp
    23/tcp open telnet
    80/tcp open http
    443/tcp open https
    1723/tcp open pptp
    8080/tcp closed http-proxy

    Well, this is "inside", i.e. the "LAN" side, but, it seems to me, that all
    these ports are visible from "outside" too. When I look which IP the
    router has in the internet and I check this too, then the same ports are
    open and accessible from outside. I consider this to be a security lack.

    Is this normal?
    Can access from outside be disabled as known from Cisco / Linksys?

    - Furthermore, it seems to me that there's no way to manually start and
    stop an internet connection. In the web based config menu you can start /
    stop such a connection, but in my experience the modem establishes a
    connection to the isp as soon as you plug in the dsl / telephone cable
    into the 858.

    Is this correct? Or can the 858 be configured in the way that a
    connection is only set up when packets are passed to the 858i as the
    default gateway, and after a certain timeout where nothing is transmitted,
    the 858 stops the connection?

    Thanks for any hint!

    Best regards,

    Markus

    --
    Please reply to group only.
    For private email please use http://www.dipl-ing-kessler.de/email.htm


  2. #2
    KR
    Guest

    Re: Speedtouch 858i - some simple questions

    On 08.08.2009 21:34, Markus R. Keßler wrote:
    >
    > Well, this is "inside", i.e. the "LAN" side, but, it seems to me, that all
    > these ports are visible from "outside" too. When I look which IP the
    > router has in the internet and I check this too, then the same ports are
    > open and accessible from outside. I consider this to be a security lack.


    Did you check from the outside? Or did you connect to the external IP
    address from the inside?

    To truly scan from the outside, use a port scanning service like
    ShieldsUp (https://www.grc.com/x/ne.dll?bh0bkyd2).

  3. #3
    Markus R. Keßler
    Guest

    Re: Speedtouch 858i - some simple questions

    Am Sun, 09 Aug 2009 02:11:17 +0200 schrieb KR:

    > On 08.08.2009 21:34, Markus R. Keßler wrote:
    >>
    >> Well, this is "inside", i.e. the "LAN" side, but, it seems to me, that all
    >> these ports are visible from "outside" too. When I look which IP the
    >> router has in the internet and I check this too, then the same ports are
    >> open and accessible from outside. I consider this to be a security lack.

    >
    > Did you check from the outside? Or did you connect to the external IP
    > address from the inside?
    >
    > To truly scan from the outside, use a port scanning service like
    > ShieldsUp (https://www.grc.com/x/ne.dll?bh0bkyd2).


    Hi,

    thanks for your hint!

    The portscan service from above tells there was no port open. I also
    tried to ping the router from a foreign server where I was logged in with
    only lost packets. So, in this configuration the Speedtouch seems to be
    secure. But it still makes me nervous that there are no options like
    "remote control on/off", no clear forwarding table etc., as known from
    Linksys / Cisco. This looks to me that the Speedtouch was rather designed
    for "gamers".

    The next point is that there's no option to setup and close a connection
    to the internet. When the cables are plugged in, then the internet
    connection is "always on". In my opinion it would be more secure to be
    online only during the time when packets are transmitted.

    Thanks again,
    best regards,

    Markus

    --
    Please reply to group only.
    For private email please use http://www.dipl-ing-kessler.de/email.htm
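
The inside/outside comparison discussed in this thread, as an added example that is not part of any poster's message: it parses the nmap port table from the first post and checks which LAN-side services a WAN-side scan also reports open. The two WAN-side samples are constructed, 203.0.113.10 is a documentation address, and the function names are hypothetical.

```python
import re

# LAN-side port table as quoted in the first post.
LAN_SCAN = """Interesting ports on 192.168.1.254:
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
443/tcp open https
1723/tcp open pptp
8080/tcp closed http-proxy
"""
# Constructed samples (203.0.113.10 stands in for the router's external address).
# WAN_FROM_INSIDE mirrors what the first post reports when the external address
# is checked from a LAN host; WAN_FROM_OUTSIDE is a scan that finds nothing open.
WAN_FROM_INSIDE = LAN_SCAN.replace("192.168.1.254", "203.0.113.10")
WAN_FROM_OUTSIDE = "Interesting ports on 203.0.113.10:\nPORT STATE SERVICE\n"

PORT_LINE = re.compile(r"^\s*(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

def parse_ports(nmap_text):
    """Return {(port, proto): (state, service)} from nmap's plain-text table."""
    ports = {}
    for line in nmap_text.splitlines():
        m = PORT_LINE.match(line)
        if m:
            ports[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return ports

def open_ports(ports):
    return {key for key, (state, _) in ports.items() if state == "open"}

def wan_exposed(lan_text, wan_text):
    """LAN-side open services that the WAN-side scan also reports open."""
    lan, wan = parse_ports(lan_text), parse_ports(wan_text)
    both = open_ports(lan) & open_ports(wan)
    return sorted((port, proto, lan[(port, proto)][1]) for port, proto in both)

def same_view(lan_text, wan_text):
    """Heuristic: identical, non-empty open sets suggest the 'outside' scan was
    really run from inside the LAN against the router's external address."""
    lan_open = open_ports(parse_ports(lan_text))
    return bool(lan_open) and lan_open == open_ports(parse_ports(wan_text))

if __name__ == "__main__":
    for name, wan in (("inside", WAN_FROM_INSIDE), ("outside", WAN_FROM_OUTSIDE)):
        print(name, wan_exposed(LAN_SCAN, wan), same_view(LAN_SCAN, wan))
```
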


  4. #4
    Bill M.
    Guest

    Re: Speedtouch 858i - some simple questions

    On Sun, 09 Aug 2009 16:59:20 +0200, Markus R. Keßler
    <dimke.fax@uni.de> wrote:

    >Am Sun, 09 Aug 2009 02:11:17 +0200 schrieb KR:
    >
    >> On 08.08.2009 21:34, Markus R. Keßler wrote:
    >>>
    >>> Well, this is "inside", i.e. the "LAN" side, but, it seems to me, that all
    >>> these ports are visible from "outside" too. When I look which IP the
    >>> router has in the internet and I check this too, then the same ports are
    >>> open and accessible from outside. I consider this to be a security lack.

    >>
    >> Did you check from the outside? Or did you connect to the external IP
    >> address from the inside?
    >>
    >> To truly scan from the outside, use a port scanning service like
    >> ShieldsUp (https://www.grc.com/x/ne.dll?bh0bkyd2).

    >
    >Hi,
    >
    >thanks for your hint!
    >
    >The portscan service from above tells there was no port open. I also
    >tried to ping the router from a foreign server where I was logged in with
    >only lost packets. So, in this configuration the Speedtouch seems to be
    >secure. But it still makes me nervous that there are no options like
    >"remote control on/off", no clear forwarding table etc., as known from
    >Linksys / Cisco. This looks to me that the Speedtouch was rather designed
    >for "gamers".


    You've already verified that no ports were open at the time of your
    test, so what exactly is making you nervous? How do "gamers" enter the
    picture?

    >The next point is that there's no option to setup and close a connection
    >to the internet. When the cables are plugged in, then the internet
    >connection is "always on". In my opinion it would be more secure to be
    >online only during the time when packets are transmitted.


    The best thing about an 'always-on' connection is that it's always on.
    If you're concerned, use a firewall or NAT router, close any ports
    that don't need to be open, shut down any unneeded services that are
    listening for traffic, employ good antivirus and antimalware programs,
    and practice safe computing.

    --
    Bill

  5. #5
    Markus R. Keßler
    Guest

    Re: Speedtouch 858i - some simple questions

    Am Sun, 09 Aug 2009 12:51:24 -0500 schrieb Bill M.:

    > On Sun, 09 Aug 2009 16:59:20 +0200, Markus R. Keßler
    > <dimke.fax@uni.de> wrote:
    >
    >>Am Sun, 09 Aug 2009 02:11:17 +0200 schrieb KR:
    >>
    >>> On 08.08.2009 21:34, Markus R. Keßler wrote:
    >>>>
    >>>> Well, this is "inside", i.e. the "LAN" side, but, it seems to me, that all
    >>>> these ports are visible from "outside" too. When I look which IP the
    >>>> router has in the internet and I check this too, then the same ports are
    >>>> open and accessible from outside. I consider this to be a security lack.
    >>>
    >>> Did you check from the outside? Or did you connect to the external IP
    >>> address from the inside?
    >>>
    >>> To truly scan from the outside, use a port scanning service like
    >>> ShieldsUp (https://www.grc.com/x/ne.dll?bh0bkyd2).

    >>
    >>Hi,
    >>
    >>thanks for your hint!
    >>
    >>The portscan service from above tells there was no port open. I also
    >>tried to ping the router from a foreign server where I was logged in with
    >>only lost packets. So, in this configuration the Speedtouch seems to be
    >>secure. But it still makes me nervous that there are no options like
    >>"remote control on/off", no clear forwarding table etc., as known from
    >>Linksys / Cisco. This looks to me that the Speedtouch was rather designed
    >>for "gamers".

    >
    > You've already verified that no ports were open at the time of your
    > test, so what exactly is making you nervous? How do "gamers" enter the
    > picture?


    Coming from Linksys configuration I'm used to seeing a clear table in which
    I can enter my - for instance - port forwarding rules.
    Speedtouch describes this need with words like "share internet games" and
    so on. The word "game" is one of the most used in the config menu.

    >>The next point is that there's no option to setup and close a connection
    >>to the internet. When the cables are plugged in, then the internet
    >>connection is "always on". In my opinion it would be more secure to be
    >>online only during the time when packets are transmitted.

    >
    > The best thing about an 'always-on' connection is that it's always on.
    > If you're concerned, use a firewall or NAT router, close any ports that
    > don't need to be open, shut down any unneeded services that are
    > listening for traffic, employ good antivirus and antimalware programs,
    > and practice safe computing.


    Firewall is the next issue. Cisco etc. provide clear filter rules where
    you can define which demand has to be processed and which to be declined.
    Speedtouch also uses words like pass a "game" through the router.
    Why? This doesn't sound serious.

    And, there is nowhere to be read if this box is doing NAT, or Masquerading
    or what else. How can you rely on its protection?

    Of course I only use the minimum count of services and constantly check
    all my machines with tools like nmap for accidentally opened ports.
    But the "feeling" I have when using devices like Speedtouch isn't as good
    as when using professional gear like Cisco. Don't you agree?

    Best regards,

    Markus

    --
    Please reply to group only.
    For private email please use http://www.dipl-ing-kessler.de/email.htm

