Security Issue In New Airtel Router ZYXEL (Gateway ).

  • Thread starter Thread starter mrps786
  • Start date Start date
  • Replies Replies 25
  • Views Views 9,764
Without seeing your full setup I can just make a guesswork.

Somewhere you have remote management settings deep inside the options, where 443 is already used. Check if you can access those settings and change it there to something else.

Generally Airtel blocks 80 & 443 at least at my end, they are blocked.

For other ports, for port forwarding to work, following must happen
1. ISP does not block the port
2. Firewall in router is relaxed
3. Correct port forwarding rule setup
4. Firewall on destination is relaxed
5. You have a proper service listening on that port & active on destination

On your windows pc enable remote desktop and that will run terminal client on TCP 3389, now disable firewalls in both windows and router (for the time being) and create port forwarding for TCP 3389. Go to yougetsignal.com and test it out.
 
@mrps786 let me make it easy for you - please do not quote in an active thread i.e. one that has active ongoing discussions such as this one. It's one of the main reasons people get penalty points and should that continue it results in a ban. Familiarise yourself with the rules please. I also have the distinction of earning penalty points after signing up and was probably close to getting banned in the past. LOL! 😀

PS - why in the world did you have your Nokia changed? All you had to do was put it into bridge mode (via Airtel) and then use a powerful router of your own for better coverage. Trust me, the Nokia is very stable ( I have two - one from Airtel and one TPBB) and I refused to change it even when upgrading to 1 Gig where Airtel replaces it with another brand of router Sercomm or something.
 
Last edited:
@Sleet0635 and @Chip first of all thank you for correcting my mistake I will never repeat this mistake again It took me a while to understand it 😄. Secondly @Chip I did not get my router replaced it . It is what i got in the first place this is my second connection i have airtel connection with a Nokia router at home. Which is very good agree with you on that. This is what we are getting these days. ZyXEL.
WhRUvcQH
 
It's very likely that you can access port 80 on <PUBLIC IP> from your router's LAN but not from other networks....
@wheatbread it was happening before might by due to nat loopback but i was able to port forward all ports except 80 and 443 but after i mailed airtel i cannot even port forward even a single port even with DMZ enabled and firewall turned off.
 
ok simple question - why do you have 2 connections from the same provider? If the 2nd one is a backup isn't it better to use another ISP? My primary line is airtel and backup is Tata Play.
 
From what I glean, there is no security issue in the ONT?
Might want to change the name of the thread if it's permitted. No point in alarming people unnecessarily!
 


Let's be very clear, no device connected to the internet is hack proof. You can only upgrade your security via various means but cannot make it hack proof. Even the CIA and FBI have intrusions. A safe device is is one that is switched off 🙂

These consumer routers have basic SPI firewalls it's best to refer to specialist networking sites amd fora to know how to 'harden' these devices and others to the max possible extent. Consider use a dedicated firewall appliance with open source router/firewall software such as pfSense/OPNSense, or closed source Sophos, Check Point etc (which are all expensive) to further protect your network. But we consumers don't need to worry too much, hackers have bigger better targets to attack..both organisations and VIPs. 😉

Net, net - stop being paranoid, take at least basic precautions. Remember, it's the nut behind the keyboard that does the most damage.
 
.... OK simple question - why do you have 2 connections from the same provider? If the 2nd one is a backup isn't it better to use another ISP?
@Chip yes simple answer to that is they are two different places with two different connections I just happen to share my previous connection
experience and that airtel is easy to expose to the internet like port forwarding unlike jio with CG Nat And Locked Down Router Even Dns Hard To Change Even Without External Router So I go with Airtel. Unlike At Home Where I host websites for our hospitals and self hosted application like jellyfin. fileserver,guacamole,uptimekuma,duplicati for backups. Those Thing Run Behind Reverse Proxy And Have Static IP Dedicated To It And Run On ( X86 Ryzen Processors.) Very Simple And Humble Setup Not Complicated At All. Here In Delhi Where I Stay As Tenant I own 1 Raspberry Pi 4 (Arm Processor ) I like to host somethings Just To Tinker With Things 😄 Not Going Into Details Very Much. So Back At Home With Nokia Ont It Was Easy Just Port Forward 443 And Proxy Everything.. Behind Reverse Proxy Easy. But With This New Router ZyXEL It Is A Different New Ball Game. Both Port 443 and 80 Cannot Be Forwaded And Are Reserved For Router You Cannot Even Set It In Settings It Gives You A Promt I Have Shared That Screenshot Previously And As Mentioned By Another Person Very Polite Person @rohitks told me that you should turn it off in remote management settings he was right but there is no way to turn it off in setting might be there but right now i am unable to find it.
.
So You Might Be Thinking That He is going on and on with his setup and port forward blah.. blah ...where is his security issue so where is security issue then which is the the main topic of this post so looks like both 80 and 443 port made the router gateway / login page accessible via my public ip on 11th September 2022 that is when i reported airtel that this is happening.. So If I typed my public ip in a browser i could access my router login page.. everyone in this forum is a technical savy in some extend and some are experts too.. we get into router gateway and change password that is admin for both username and password but to a average user who does not care of this and just wants an internet connection at the cheapest rates possible does not care what router he gets just wants internet to work and fast if anyone can get into his/her router with just admin and admin most common password for routers.

Firstly : I get we as consumers are not susceptible to attacks by hackers or anyone we have nothing to give to them there are various big organisations and companies that they rather work on to get data but to saying that as a reason to justify we should not have basic security measure for our routers at home is like closing eye to a problem.😏 if that is being paranoid then I am better off being paranoid.

Secondly :I also that I get free router i do not pay for anything for it and it is combo of router and modem but it has SpI firewall and but if username and password is admin what is the use of any
firewall you have got into the router A firewall is intended for preventing outside attacks if you know the credentials you get in the network end of story. 😉 I am not asking for world class security with encryption and all but if username and password is so easy dont expose it to the internet and at least give end user option to disable it. As I have previously shared my router was accessible via both port 80 and 443 via Public IP if i was not technical savy . My Problem Is Regarding This New Airtel ZYXEL Router.

Thirdly : If you are using internet you should forget about privacy and no device is hackproof no code is bug free i too know that but it is small steps like this that cause damage most big data breach of companies or other things have been caused due to small things just saying no one is trying to hack me who am i am none😁 I am nothing Now many will say what will anyone be able to do if anyone gets into the router there are may things one can do ..

My Intend Not Too Justify Myself But To Make It Clear That Security Issue is Security Issue Even If We Are Not Susceptible No One Is Trying To Hack Me I As I Am Nothing As I have Previously Said But To Justify Security Issue( With No One Is Trying To Hack You Attitude ! Its Ok) Is Not OK It Is Small Steps Like This Which Will Lead To Better And Secure Digital Infrastructure In The Future. With This I Have Tried To Justify The Title Of My Thread Which Is Not Clickbait Or Misleading In Any Way That I Think. I have shared the video and photo in my first post about the vulnerability that i found and reported on 11th September 2022. You Can Have a Look There. As Of Today That Is 15th September 2022 I am No Longer Facing That Issue After I Reported It To Airtel .
 
@doineedto ...................From what I glean, there is no security issue in the ONT?
Please Take A Look Here Into This.....video which show the process i got into router Video. With Public IP.
As Reported On 11th September 2022.
 
@mrps786 phew your reply was quite a read 😀 Anyways, the ZyXEL (this brand of gear brings back many memories) probably has a buggy firmware or Airtel's customisation leave you exposed to the net. Since you're not happy with the router get Airtel to change it for you OR have them switch it to bridge mode and then use a proper router/firewall of your own which gives you complete control over your network's incoming and outgoing traffic. That's what I have done. I really don't rely on the Nokia ONT's basic firewall. Both my connections feed into my pfSense box. I am a happy camper that way.

PS - now you say you're no longer facing this issue since you reported it to Airtel. Even so, I would suggest getting a separate router/firewall of your own for best control over the network.