Security Issue In New Airtel Router ZYXEL (Gateway).

From what I glean, there is no security issue in the ONT?
Might want to change the name of the thread if it's permitted. No point in alarming people unnecessarily!
 
Let's be very clear, no device connected to the internet is hack proof. You can only upgrade your security via various means but cannot make it hack proof. Even the CIA and FBI have intrusions. A safe device is one that is switched off 🙂

These consumer routers have basic SPI firewalls; it's best to refer to specialist networking sites and fora to know how to 'harden' these devices and others to the max possible extent. Consider using a dedicated firewall appliance with open source router/firewall software such as pfSense/OPNSense, or closed source Sophos, Check Point etc (which are all expensive) to further protect your network. But we consumers don't need to worry too much, hackers have bigger, better targets to attack... both organisations and VIPs. 😉

Net, net - stop being paranoid, take at least basic precautions. Remember, it's the nut behind the keyboard that does the most damage.
 
.... OK simple question - why do you have 2 connections from the same provider? If the 2nd one is a backup isn't it better to use another ISP?
@Chip yes, the simple answer to that is they are two different places with two different connections. I just happen to share my previous connection experience, and that Airtel is easy to expose to the internet, like port forwarding, unlike Jio with CGNAT and a locked-down router, even DNS hard to change even without an external router, so I go with Airtel. Unlike at home, where I host websites for our hospitals and self-hosted applications like Jellyfin, fileserver, Guacamole, Uptime Kuma, Duplicati for backups. Those things run behind a reverse proxy and have a static IP dedicated to it and run on x86 Ryzen processors. Very simple and humble setup, not complicated at all. Here in Delhi, where I stay as a tenant, I own 1 Raspberry Pi 4 (ARM processor). I like to host some things just to tinker with things 😄 Not going into details very much. So back at home with the Nokia ONT it was easy: just port forward 443 and proxy everything behind a reverse proxy. Easy. But with this new ZyXEL router it is a different new ball game. Both port 443 and 80 cannot be forwarded and are reserved for the router. You cannot even set it in settings; it gives you a prompt. I have shared that screenshot previously, and as mentioned by another person, a very polite person, @rohitks told me that you should turn it off in remote management settings. He was right, but there is no way to turn it off in settings; it might be there, but right now I am unable to find it.

So you might be thinking that he is going on and on with his setup and port forward blah.. blah... where is his security issue? So where is the security issue then, which is the main topic of this post? It looks like both ports 80 and 443 made the router gateway / login page accessible via my public IP on 11th September 2022; that is when I reported to Airtel that this is happening. So if I typed my public IP in a browser I could access my router login page. Everyone in this forum is technically savvy to some extent and some are experts too. We get into the router gateway and change the password, that is admin for both username and password, but an average user who does not care about this and just wants an internet connection at the cheapest rates possible does not care what router he gets, just wants internet to work and fast; if anyone can get into his/her router with just admin and admin, most common password for routers.

Firstly: I get that we as consumers are not susceptible to attacks by hackers or anyone; we have nothing to give to them, there are various big organisations and companies that they would rather work on to get data. But saying that as a reason to justify that we should not have basic security measures for our routers at home is like closing our eyes to a problem. 😏 If that is being paranoid then I am better off being paranoid.

Secondly: I also get that I get a free router, I do not pay anything for it, and it is a combo of router and modem, and it has an SPI firewall, but if the username and password is admin, what is the use of any firewall? You have got into the router. A firewall is intended for preventing outside attacks; if you know the credentials you get in the network, end of story. 😉 I am not asking for world class security with encryption and all, but if the username and password is so easy, don't expose it to the internet, and at least give the end user an option to disable it. As I have previously shared, my router was accessible via both port 80 and 443 via public IP if I was not technically savvy. My problem is regarding this new Airtel ZYXEL router.

Thirdly: If you are using the internet you should forget about privacy, and no device is hackproof, no code is bug free, I too know that, but it is small steps like this that cause damage. Most big data breaches of companies or other things have been caused due to small things. Just saying no one is trying to hack me, who am I, I am none 😁 I am nothing. Now many will say what will anyone be able to do if anyone gets into the router; there are many things one can do ..

My intent is not to justify myself but to make it clear that a security issue is a security issue even if we are not susceptible. No one is trying to hack me, as I am nothing, as I have previously said. But to justify a security issue (with a "no one is trying to hack you" attitude! It's OK) is not OK. It is small steps like this which will lead to better and secure digital infrastructure in the future. With this I have tried to justify the title of my thread, which is not clickbait or misleading in any way that I think. I have shared the video and photo in my first post about the vulnerability that I found and reported on 11th September 2022. You can have a look there. As of today, that is 15th September 2022, I am no longer facing that issue after I reported it to Airtel.
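
A way to verify the exposure described in this post against your own connection, as an added example that is not part of the original thread: the script probes ports 80 and 443 on your own public IP and reports whether a login page answers. Run it from outside the LAN (for example over mobile data), since a request from inside may be answered by the router's LAN side; the function names and the login-page heuristic are assumptions made for this example.

```python
import re
import socket
import ssl

PORTS = {80: False, 443: True}  # port -> use TLS; the two ports named in the thread

def looks_like_admin_login(status, headers, body):
    """Constructed heuristic: HTTP auth challenge or an HTML password field."""
    if status == 401 and "www-authenticate" in headers:
        return True
    return bool(re.search(r'<input[^>]+type=["\']?password', body, re.I))

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.decode("latin-1").partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        key, _, value = line.partition(":")
        headers[key.strip().lower()] = value.strip()
    return int(lines[0].split()[1]), headers, body

def probe(host, port, use_tls, timeout=5):
    """Return 'closed', 'open' or 'admin-login' for one port on your own WAN address."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    try:
        if use_tls:
            ctx = ssl.create_default_context()
            ctx.check_hostname = False
            ctx.verify_mode = ssl.CERT_NONE  # router certificates are usually self-signed
            sock = ctx.wrap_socket(sock)
        sock.sendall(f"GET / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode())
        raw = b""
        while len(raw) < 65536:
            chunk = sock.recv(4096)
            if not chunk:
                break
            raw += chunk
        return "admin-login" if looks_like_admin_login(*parse_response(raw)) else "open"
    except (OSError, ValueError, IndexError):
        return "open"  # accepted the connection but did not answer with clean HTTP
    finally:
        sock.close()

def check_wan(host):
    return {port: probe(host, port, tls) for port, tls in PORTS.items()}
```

Call `check_wan()` with your own public IP; any result other than `closed` on a port you did not forward yourself means the router is answering on its WAN side and is worth raising with the ISP.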
 
@doineedto ... From what I glean, there is no security issue in the ONT?
Please take a look here into this video, which shows the process I got into the router: Video. With public IP.
As reported on 11th September 2022.
 
@mrps786 phew your reply was quite a read 😀 Anyways, the ZyXEL (this brand of gear brings back many memories) probably has a buggy firmware or Airtel's customisation leaves you exposed to the net. Since you're not happy with the router get Airtel to change it for you OR have them switch it to bridge mode and then use a proper router/firewall of your own which gives you complete control over your network's incoming and outgoing traffic. That's what I have done. I really don't rely on the Nokia ONT's basic firewall. Both my connections feed into my pfSense box. I am a happy camper that way.

PS - now you say you're no longer facing this issue since you reported it to Airtel. Even so, I would suggest getting a separate router/firewall of your own for best control over the network.
 
@Chip Thank you for your quick reply, for taking the time to read it 😄. Based on your suggestions I have two options set. I have some questions also, please help out with it.

1. I have asked the local Airtel guy to change my router to something different. He said it will take 3 to 4 days. Based on your experience, what routers to go for and what routers to avoid (I know it will be based on what is available right now)? Your suggestions?

2. I have a TP-Link Archer C6 lying around. If no good option, or the Airtel local guy does not show up, will have Airtel switch on bridge mode.
What has been your experience with bridge mode on your router?
 


@mrps786 I recommend the Nokia if you want to use it either as a dumb ONT or a basic WiFi router. It is rock stable and has stealth mode which I really like + wifi on/off hardware buttons. Only thing I am doubtful you'll get it now since Airtel now supplies other makes and models. Rule of the thumb - get a model that can be bridged. Tell the technician in advance.

Also, remember, ISP supplied CPE is always basic to mid level. If your requirements are higher you should have it bridged via Airtel's backend and use your own router. A TP-Link Archer should do fine. I am not familiar with the C6. But many guys here use TPL models. Bridge mode works perfectly for me. Honestly I couldn't ask for more.
 
@mrps786 Ah! So the security flaw was patched. I thought that you were able to access the router login page only via Airtel fiber!
Also, get a Nokia if possible. It is one of the most decent offerings Airtel has. Or maybe had. I hear they have discontinued offering a Nokia now.

And, if you are really hosting a website for a hospital, and any personal data might I recommend getting a real firewall? Assuming of course that you do not deal with user data. If you do, that is a separate story altogether!
 
@Chip Thank you for your support. I really appreciate the effort you put in regarding my issue. Will keep in mind the suggestions you gave me.
 
@doineedto I hope it has been patched. Yes, Nokia is indeed a very good router. Let us see what I can get. No, we do not handle any personal data on our hospitals' website; it is only for validation of our business online, so I think I can get away without a firewall. Let us see till when.
 
What has been your experience with bridge mode on your router?
@mrps786

Now what we get is an integrated ONT router, which is an ONT as well as a WiFi router.
I have a ZTE 670L and after I put it in bridge many functions still continue to work on the ZTE router, which ideally is not desired,
e.g. DDNS, port forwarding, firewall, ALG, DHCP, WiFi etc.
So what happens is, if you leave them running they take precedence for the incoming WAN data.
E.g. in bridge mode, if you have port forwarding set on the Airtel router as well as your router, you hope your router will control it, but before that the Airtel router would already process it.

So when I put my ZTE in bridge, I turn off all WAN-related features on it, turn off the firewall and turn off WiFi, and do a proper config on my router, which then does all the heavy lifting.
This is just about what I observed with my setup; your router may exhibit different behavior and your experience may vary.
I had requested Airtel to offer me only a dumb ONT but they refused, stating I will get an ONT router only. They do not provide only an ONT.
 