For nearly all home computer users, and many small businesses, the router that connects your home or business to the Internet is the first line of defense. How can you know if there are vulnerable security holes or open ports on your Internet router that might allow access for an attacker?
These routers are also called cable modems or DSL modems, and are usually provided by your Internet service provider. All of the modern routers include a hardware firewall feature that may or may not be turned on by default. Setting up the firewall capabilities in your router is a lesson for another day.
Unfortunately, many of the smart devices we are connecting to our home and business networks open “ports” in the built-in firewall to allow for connections to cloud services that they depend on. Many also come with a feature called UPnP or Universal Plug and Play that can open holes in your firewall and allow for inbound connections from the Internet. These connections may be you monitoring a net cam, or it may be a cyber-criminal taking advantage of weaknesses built into the newest network toys.
Is it possible for you to find out if there are dangerous open ports on your router? Fortunately, there are a couple of easy ways for you to find this out for yourself. By entering your public Internet address into these tools, you can find out if your router has open vulnerabilities.
- WhatismyIP.com or myIPaddress.com are your first step in identifying your public IP address. You will need to get the IP version 4 address which will look something like 220.127.116.11. IPv6 addresses are longer and contain letters like this: 21:408b55:5:c37:
- Censys.io is a web site where you can scan your router by entering the IP address into the search box. When I searched on my address, it correctly identified Comcast as my ISP and told me that there were no publicly available services open on my router.
- ShieldsUP!! by Gibson Research is another site that works similarly, and will tell you if you have UPnP exposure.
- Zenmap is a Windows version of the well-respected port scanning tool Nmap. This is an installable program, and may be technically over the head of many readers, but if you are working in information technology, you should be familiar with this program. When I scanned my router using Zenmap, it found open ports on port 80 and 443. These are the ports for web browsing: HTTP and HTTPS respectively. These have to be open on your router for the Internet to be accessible to your computer. The scan results also told me that the router was using SHA-1 encryption, which is no longer considered secure. It's time for me to get a new router from Comcast.
On Wednesday we will look at how to access your router to configure the firewall settings. On Friday we will review how to best secure your IoT devices, if it is possible.