Click here to see if your router is listening on port 32764

[snaphat (Myles Landwehr) Member]

Huh? It's been proven multiple times over by different people and there's exploit code floating around, it's been definitively proven.

He's making the argument that you don't know that unless you specifically run the exploit code yourself and test... 

[riahc3]

Hello,

Why? It's not exactly the first time there is a reported backdoor method to access networking devices. If it were a hoax then it would be found out given that people testing the platforms would not find it. Or are suggesting that all of the various sources are a collective and elaborate orchestrated hoax? Going down the road of having to independently verify everything you read is absurd and impossible.

Why not? Just because once upon two decades ago there was a backdoor* doesnt mean everytime someone says there is a backdoor on the internet, its true...

We have seen collective and elaborated orchestrated hoaxs as well. Why isnt this one another one too?

 

Huh? It's been proven multiple times over by different people and there's exploit code floating around, it's been definitively proven.

Did you yourself test out this exploit code?

My point behind all of this is that some backdoors are extremely exaggerated....I believe most current ones are.

Ive replied everything Ive needed to in this thread without further derailing it. If someone wishes to prove to me about these backdoors, they are more than welcome to :) And no, 1000s of links on a detailed and technical explanation are not proof, they are theories.

* - I also want to point out that there is a difference between a backdoor and a bug. While it may seem intentional, some backdoors might actually be bugs that, for various reasons, may never be patched at left alone

[snaphat (Myles Landwehr) Member]

Hello,

Why not? Just because once upon two decades ago there was a backdoor* doesnt mean everytime someone says there is a backdoor on the internet, its true...

We have seen collective and elaborated orchestrated hoaxs as well. Why isnt this one another one too?

 

No... as in the last one was three months ago. It isn't uncommon and it is probably not intentional in most cases. If there are various sources of evidence and detailed information on how to use the backdoor, it is unlikely to be made up. There is no reason to believe otherwise in the face of reasonable evidence.

 

It's unlikely to be a hoax because it is both falsifiable and verifiable. Hoaxes are neither those things or they are disproven. Again, I really don't understand the logic here. If you were to ignore evidence and make the requirement that you must independently verify everything you wouldn't be able to determine whether anything you read is ever real.

 

 

Ive replied everything Ive needed to in this thread without further derailing it. If someone wishes to prove to me about these backdoors, they are more than welcome to  :) And no, 1000s of links on a detailed and technical explanation are not proof, they are theories.

Explanations on how to exploit a backdoor and detailed discussion are evidence. Thousands of reliable sources would be a whole lot of evidence. You are just pushing the goalpost to absurdity. No-one can test here because we aren't running exploitable routers as you well know. As such, it is unreasonable to ask us to do so.

[The_Decryptor Veteran]

...

Explanations on how to exploit a backdoor and detailed discussion are evidence. Thousands of reliable sources would be a whole lot of evidence. You are just pushing the goalpost to absurdity. No-one can test here because we aren't running exploitable routers as you well know. As such, it is unreasonable to ask us to do so.

And of course trying it on a random router over the internet is illegal, and I'm guessing most people aren't willing to hack into a computer network to prove a point on a forum.

[cork1958]

Of course my router is stealth! ;)

[JonnyLH]

To be fair, a perfectly working router with UPnP/NAT-PMP/PCP can be told to open ports in the firewall without needing a backdoor.

A fair point, but the client inside the LAN still has to establish the UPnP session for the router to open the port to that device. Without that, anything external is blind of anything internal.

Regarding this open port, I doubt it's anything to worry about. People hear phrases like 'open ports' and panic. Its just one step to doing something malicious.

 

Even though NAT wasn't designed to be a security measure, it's a really good one.

[cooky560 Veteran]

port is stealthed here (y)

[The_Decryptor Veteran]

A fair point, but the client inside the LAN still has to establish the UPnP session for the router to open the port to that device. Without that, anything external is blind of anything internal.

Regarding this open port, I doubt it's anything to worry about. People hear phrases like 'open ports' and panic. Its just one step to doing something malicious.

 

Even though NAT wasn't designed to be a security measure, it's a really good one.

Ehh, I've never really felt it was a security measure at all, that's a job for the firewall (Even though it's designed to break end to end connectivity, it's actually fairly easy to punch a hole through a NAT, most software does it automatically these days, the Xbox One punches holes in it for P2P, etc. Even without stuff like UPnP)

[Mandosis]

Stealth

[RottGutt]

Stealth - Netgear R7000

[adrynalyne]

Hello,

There is no backdoor.

Everyone has a backdoor.  In fact, everyone uses it, daily.

[adrynalyne]

It's also why I use whitelisting (any unknown MAC ID gets voted off the network).

MAC filtering is pretty easy to bypass.

 

I was able to get onto a network using MAC filtering by merely spoofing my MAC address.

[hyde+]

MAC filtering is pretty easy to bypass.

I was able to get onto a network using MAC filtering by merely spoofing my MAC address.

You mean you would first have to get one of the allowed mac addresses.

[froggyliver]

Seems like a good way to really hide a backdoor would be having a rule that only IP range X thru X could even access the backdoor. Then it could not even be discovered by anyone else or at least really limited.

[Nashy]

Stealth.  Netgear.... black one.

[The_Decryptor Veteran]

You mean you would first have to get one of the allowed mac addresses.

Which is easy, if you can break the security you can sniff a packet.

[Ian S.]

:shiftyninja: >>Stealth<< :shiftyninja: 

[0nyX]

Closed

[Dinggus]

Closed. So far 103 are closed.

[adrynalyne]

You mean you would first have to get one of the allowed mac addresses.

Attached to every data packet leaving that network, right?

 

I am not a security expert, but from what I have experienced, MAC filtering hasn't hindered nor helped security on a network other than to stop those who wouldn't have the know-how to crack the initial security anyway.  If there was a backdoor on routers, getting a whitelisted MAC I imagine is pretty straightforward.

 

I could be wrong and welcome someone more knowledgeable than me to set me straight in the matter.

[The_Decryptor Veteran]

If the backdoor was publicly accessible, you could simply connect to the router and copy the a MAC address, or modify one to add your box to the allowed list.

MAC filtering is a leftover of the WEP days where somebody could break into your network in a couple of minutes (So every bit of "security" was helpful), now with WPA2-PSK with AES that isn't going to happen, it's easier to physically break in and plug into a switch (Which is the point really, it requires the attacker to have physical access to break in, which should be much harder to overcome)

If somebody can break your AES secured wifi network, then you can be sure as hell that a MAC filter won't hinder them in the slightest.

[JonnyLH]

Ehh, I've never really felt it was a security measure at all, that's a job for the firewall (Even though it's designed to break end to end connectivity, it's actually fairly easy to punch a hole through a NAT, most software does it automatically these days, the Xbox One punches holes in it for P2P, etc. Even without stuff like UPnP)

Not really, everything is blind to anything internal when the gateway is behind a NAT for the simple reason. Every router will drop every packet incoming if it has no entry on the translation table. The only way to 'poke' a hole through NAT is by a client sending a message out on that port, after that any incoming traffic which comes in on that port will be sent to that client.

 

The 360 and X1 used to sometimes get round this by using a flavour of UPnP but it uses the same ideology that the client sends a packet, in which then the servers initiates the stream. UPnP is a standard for how clients establish an entry in the translation table and prompt the device to transmit, but it has to be initiated by the client.

 

So if you wanted to open a port to a client on a LAN behind a NAT for malicious purposes, you have to install some malware on the device you want and time it to be able to send packets at specific times. Keeping in mind that a router will usually drop a entry in the NAT table after only a couple of seconds of inactivity from that client.

[x-scratch]

32764

Stealth Unknown Protocol for this port

Unknown Application for this port

[MillionVoltss]

Stealth AC66U

[xrobwx71]

Buffalo AirStation? Extreme AC 1750 Gigabit Dual Band Wireless Router

Stealth

 

I've been using Steve Gibson's site since the mid 1990's. Thanks for the post!!