With remote management over HTTP TCP/8080 and and HTTPS TCP/8181 both disabled I am still able to remotely log into my wireless modem through it's WAN IP address over TCP/443. Port forwarding is also disabled.
My Firewall security level is set to "Max" security for IPv4, with all WAN-to-LAN traffic blocked, and Typical for IPv6.
I noticed because when logging in locally at times it says logins have been disabled for 5 minutes because of too many attempts, I suppose tcp/443 is how Shaw is able to connect to my modem and configure things through the website, but I don't want this functionality and I wonder how many Shaw modems out there are getting owned remotely because of these terrible default settings.
Solved! Go to Solution.
This was resolved by support and was my own mistake. I thought my phone was using cellular when I was testing but it was connected to the Wifi so I was allowed to connect to the WAN IP address of the Bluecurve modem. When making an actual remote connection it does not allow the connection to 443.
This was resolved by support and was my own mistake. I thought my phone was using cellular when I was testing but it was connected to the Wifi so I was allowed to connect to the WAN IP address of the Bluecurve modem. When making an actual remote connection it does not allow the connection to 443.
@flerb -- When making an actual remote connection, it does not allow the connection to 443
If it did, one bypass would be to define port-forwarding on the cable-modem, to forward 443/TCP to an unused private IP-address.
So, anybody trying to connect would get a "time-out", because there will be no response from this "black-hole". 🙂