Now what you've all been waiting for: EXTENSIVE PORT SCANS IN BOTH TCP AND UDP. First, I'll explain a bit about the basic security these things offer...
As you may know, each unit is an NAT (Network Address Translator) firewall. This means that your specific IP address is never visible, or reachable to the public. The only way someone can reach your PC over the internet is by way of your public IP address, and go through the router. It's up to you to tell the router that you want to let the public access your PC through certain ports (specified by you in the Virtual Server setup). Many routers allow you to leave your PC entirely open to the public, as if the router didn't exist. This is often called "DMZ", or "Demilitarized Zone".
So why bother with security? If no-one can ever access your PC anyway, how can it matter? It matters because some routers leave ports open to the public! Some of them, like the ZyXEL and Netgear, allow you to filter ports, for remote access to the routers, and others don't leave any open at all. We are here to tell you which routers have security leaks, and how big the leak might be.
To test the security of the routers, we used Secure-Me.net's FULL port scan service. This way, over 2000 ports each of TCP and UDP are scanned. You can head over there and do a basic scan for free, but you are limited to the basic TCP ports, and no UDP ports. On top of that, you'll be waiting in the queue for quite a while.
*** PLEASE NOTE that I am NOT a security expert or a hacker. I can show you which ports are left open, and my best idea of what security risks may be present, but that's about it. If any of you would like to clue me in on what kind of problems leaving these ports open on these routers can present, PLEASE contact me. I will update this page right away.
And the Results:
Umax Ugate 3000
Having port 67 open is probably safe, but DEFINITELY not port 69. This will allow basically anyone to connect to your router via a TFTP client. I'm not entirely sure what they can do in there, but it can't be good...
These ports are all filtered, you're pretty safe.
MacSense XRouter Pro
Again, we see an open TFTP port. Not good. Leaving port 520 open on your PC is usually dangerous, since it is vulnerable to RIP 'tracefile' attacks. I'm not sure if anything can be done with a router though...
ZyXEL Prestige 300
Port 113 is an authorization port, and is very likely to be harmless.
No Response! This is a good thing.
Again, the TCP port 113 is left unfiltered, but there should be no problems with this. Random scans might see this and think that there are other ports open, but as you can see, there aren't. :-)
UPDATE [07.27.00] - Thanks for everyone who told us that port 113 is used as authentication purposes only. This means that if your router leaves this port open, you're pretty safe.
The routers that I found to have the scariest security are both the Umax UGate 3000 and the Macsense XRouter PRO. They blatantly leave the TFTP port open to the public. This is a known security leak, and I'm pretty sure hackers can have a heyday with systems that are open like this. Hey I'm not a hacker, so if I am wrong, please let me know (be polite though, please).
Cable/xDSL Router Shootout Part 2 Table of Contents:
Page 1: Introduction
Copyright © 2000, 2001, 2002 hardCOREware. All rights reserved.
All trademarks used are properties of their respective owners.
Use IE5 or 6 to see this page properly. 1024x768 resolution is a minimum.
32 bit colour is recommended. Our Privacy Statement