Archived from groups: microsoft.public.broadbandnet.hardware (More info?)
I have a MN-500 which apparently has the latest updates:
Current Base Station Firmware Version
Version: V1.11.017
Date: 10-03-2003
Recently, I noticed the persistent port-forwarding has
SEVERAL entries that I didn't create. They're all of the
form:
msmsgs (192.168.2.30:x) y UDP
How are they getting into my router if I'm not setting
them? If Microsoft does this behind my back, why am I not
informed?
Are there any known/published security holes in the MN-500
router? Today, it seems that the firewall was deactivated,
even though it said it wasn't. I was able to activate a
P2P client, without enabling any port-forwarding. Once I
logged into the router to see if the firewall was
activated, and checked the settings for port-forwarding,
my P2P client stopped working, complaining of a disconnect.
I have changed my password in the past, and change it
usually once every few months. I have enabled MAC
filtering on the LAN side since almost a year.
My ISP is pretty rotten, but we don't have many choices
for cable-modem access in Montreal. I get HUNDREDS of
entries per day in my log of the following type:
2004/05/13 09:16:22 Connection attempt to base station
from WAN blocked -- src:<24.203.x.y:z> dst:<24.203.a.b:c>
I suspect these are probes from worms (sasser, phatbot,
whatever) and are somewhat normal, given the chaos caused
by the exploitation of unpatched security holes in
Windows.
I'm trying to find out what holes my router has. Thanks,
Cris
I have a MN-500 which apparently has the latest updates:
Current Base Station Firmware Version
Version: V1.11.017
Date: 10-03-2003
Recently, I noticed the persistent port-forwarding has
SEVERAL entries that I didn't create. They're all of the
form:
msmsgs (192.168.2.30:x) y UDP
How are they getting into my router if I'm not setting
them? If Microsoft does this behind my back, why am I not
informed?
Are there any known/published security holes in the MN-500
router? Today, it seems that the firewall was deactivated,
even though it said it wasn't. I was able to activate a
P2P client, without enabling any port-forwarding. Once I
logged into the router to see if the firewall was
activated, and checked the settings for port-forwarding,
my P2P client stopped working, complaining of a disconnect.
I have changed my password in the past, and change it
usually once every few months. I have enabled MAC
filtering on the LAN side since almost a year.
My ISP is pretty rotten, but we don't have many choices
for cable-modem access in Montreal. I get HUNDREDS of
entries per day in my log of the following type:
2004/05/13 09:16:22 Connection attempt to base station
from WAN blocked -- src:<24.203.x.y:z> dst:<24.203.a.b:c>
I suspect these are probes from worms (sasser, phatbot,
whatever) and are somewhat normal, given the chaos caused
by the exploitation of unpatched security holes in
Windows.
I'm trying to find out what holes my router has. Thanks,
Cris