//
you're reading...
Deep Packet Analysis, Tips

Port 4567 on Centurylink and Verizon

Little disturbed buzz about 4567 over the last day or two as a few newfags realized that 4567 is open to the world. Well how exactly did you expect that your DSL tech support can tell whether or not your modem is working properly and run speed tests on the link? MAGIC??

4567 is registered as Tram with ICANN and is a remote administration port over UDP. The username and password is available in your modem’s configuration file of you telnet to it on your local network and dump the config file. You will need to decode the password in the config file. BUT to save you some time.. It may or may not look something like this:

username: verizonfios
password: verizonfios

Now, if this was configured correctly by the ISP you also need a private SSL certificate to start communication, so you “shouldn’t” be able to log in. If you want to make an attempt at securing yourself, consider null routing a port forward. For example:

port forward
*:4567 -> 192.168.0.254
in this case a DHCP pool address that should never be hit during a lease reservation timeframe

Port 4567 on Centurylink, Verizon, and Comcast PT2

Advertisements

About Pythorian

Exploration and Production oriented security consultant for securing IT infrastructures relating to natural resources.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: