Jump to solution

Remote connection to BlueCurve modem can't be disabled

flerb
Grasshopper
‎2020-10-12 05:41 PM

With remote management over HTTP TCP/8080 and and HTTPS TCP/8181 both disabled I am still able to remotely log into my wireless modem through it's WAN IP address over TCP/443. Port forwarding is also disabled.

My Firewall security level is set to "Max" security for IPv4, with all WAN-to-LAN traffic blocked, and Typical for IPv6.

I noticed because when logging in locally at times it says logins have been disabled for 5 minutes because of too many attempts, I suppose tcp/443 is how Shaw is able to connect to my modem and configure things through the website, but I don't want this functionality and I wonder how many Shaw modems out there are getting owned remotely because of these terrible default settings.

 

 

0 Kudos
Reply
1 Solution

Accepted Solutions
Jump to solution

This was resolved by support and was my own mistake. I th...

flerb
Grasshopper
‎2020-10-12 07:41 PM

This was resolved by support and was my own mistake. I thought my phone was using cellular when I was testing but it was connected to the Wifi so I was allowed to connect to the WAN IP address of the Bluecurve modem. When making an actual remote connection it does not allow the connection to 443.

View solution in original post

Reply
Reply
Loading...
2 Replies
Jump to solution

This was resolved by support and was my own mistake. I th...

flerb
Grasshopper
‎2020-10-12 07:41 PM

This was resolved by support and was my own mistake. I thought my phone was using cellular when I was testing but it was connected to the Wifi so I was allowed to connect to the WAN IP address of the Bluecurve modem. When making an actual remote connection it does not allow the connection to 443.

Reply
Reply
Loading...
Jump to solution

-- When making an actual remote connection, it does not a...

mdk
Legendary Grand Master
‎2020-10-13 08:28 AM

@flerb -- When making an actual remote connection, it does not allow the connection to 443

If it did, one bypass would be to define port-forwarding on the cable-modem, to forward 443/TCP to an unused private IP-address.

So, anybody trying to connect would get a "time-out", because there will be no response from this "black-hole". 🙂

 

0 Kudos
Reply
Reply
Loading...
TALK TO US
We're here to help
Chat on Messenger
Direct Message on Twitter