What's on Port 22 on the Zero Hub

cossoft · ‎15-06-2015

I've just gotten the following after an internal scan of my new Zero hub:-
Starting Nmap 6.40 ( http://nmap.org ) at 2015-06-17 00:12 BST
Nmap scan report for dsldevice.lan (192.168.1.254)
Host is up (0.019s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp filtered ssh
80/tcp open http

What's on port 22? In what way is it filtered?

Is it a secret back door port filtered for plusnet HQ ips? Can plusnet access my LAN without me knowing?

chenks76 · ‎24-10-2013

it's for ssh (it tells you that on the date you posted).
port 22 is the standard port for ssh access.
it allows you to ssh on to the router, as opposed to using the web interface.

Chris · ‎05-04-2007

Nothing to be concerned about, it allows SSH access to your router as chenks76 says.

Former Plusnet Staff member. Posts after 31st Jan 2020 are not on behalf of Plusnet.

cossoft · ‎15-06-2015

I can't connect to it. It just times out with no prompt. And why is it showing as filtered? Surely it should show as open? Has anyone else ever connected to this port on a Zero router?

chenks76 · ‎24-10-2013

how are you trying to connect to it?
are you attempting to use an ssh connection? if so, what user/pass are you using when trying.

ejs · ‎10-06-2010

There was some discussion about enabling ssh access in the thread Unlocking the potential of Sagemcom 2704N. I think ssh is inaccessible in the default configuration.

cossoft · ‎15-06-2015

Can't connect at all, never mind getting to a login prompt. All I get is a network time out when I try it with putty. I'd expect this with a filtered port.
Just read the thread on unlocking the router. Have to say that it's pretty poor form for Plusnet to provide you a router that you own that's locked down. It's not what I'd expect from a professional isp.
One redeeming grace is that I got my service as part of a sale so the broadband is totally free. This means I can consider moving straight away to another isp without loosing any money

I've also got another router to use so will probably try that first though. I don't trust companies that supply kit with secret back doors.

chenks76 · ‎24-10-2013

you'll find that all ISP supplied routers are locked down to some extent.
and where did you get the "secret back door" idea from? - you've been told already that it's not a secret back door.
why don't you try listening in future rather then creating little fairy tails in your head.

C1Rider · ‎06-01-2015

You could try : -
telnet 192.168.1.254 22 from the CLI, or cmd line if you use Micro$oft.
and see what happens. - be ready with user admin and your password.
Anyway, you really don't want port 22 available outside your local network ( filtered probably means that it isn't ) or the script kiddies will hammer it, and port 5060 for that matter.

Regards..

cossoft · ‎15-06-2015

Quote from: chenks76
...you've been told already that it's not a secret back door.

What? WHAT?

Is that a serious comment - or are you having a larf? You've been told that it's not a secret back door! You've been told all the huge corporations have your best interests at heart. Please.
I worry when I see a port on my sealed kit restricted to only a secret range of ip addresses. Why is the port filtered, and what ip addresses are passable? If ssh access wasn't required to the Zero hub, why have a ssh server running on port 22? Just don't start it up in the first place - that's the secure thing to do. If you have any security experience, you'll find that it's standard practice is to not have unnecessary services running.
Are you aware of any ports secretly filtered on your bank's web site?

cossoft · ‎15-06-2015

Quote from: C1Rider
You could try : -
telnet 192.168.1.254 22 from the CLI...

I've said previously that all you get is a network timeout unfortunately. There's no opportunity to enter a login... If ssh service is not required, why has a listener been started on port 22? The administration gui is unsuitable for my needs, so ssh access would be helpful. I fear that I'll have to bin the Zero hub as I can't figure out how to use it in my environment.

ejs · ‎10-06-2010

"filtered" just means nmap did not receive any response on that port, whereas "closed" did get a response. It doesn't necessarily mean there is any service listening on that port, it could just be the firewall is configured differently. I wouldn't be surprised if a bank's website has all ports except 80 and 443 filtered.
I think you can upload a modified config backup to enable ssh access, and connect using the IPv6 link local address, from the previously linked thread.

x47c · ‎14-08-2009

Quote from: cossoft
Just read the thread on unlocking the router. Have to say that it's pretty poor form for Plusnet to provide you a router that you own that's locked down. It's not what I'd expect from a professional isp.

Well you will be glad you do not have the opportunity of a FTTP service from a well known altnet.
Supplied ONT/Router unit totally and completely locked down; just wireless and port forwarding settings available.
No access to any other stuff including any of the firewall settings. No cli/ssh/telnet etc access.
No option not to use their ONT/router unit with the service - it is compulsory
Best of all you can log in via the suppliers customer web portal and get info on the router/status/devices connected so clearly there is a backdoor in somewhere and they could presumably if they so wish have access to your lan.
Don't like it? - no problem: don't take the service...

Anotherone · ‎31-08-2007

@cossoft
As previously remarked in this thread, a lot of ISP supplied modem/routers are "locked down" far more so than this one as it happens. This one has been "cropped" might be another way of putting it, just to keep costs down we think and that's why some bits of the firmware are in a somewhat untidy state. It's far from perfect and there has been a lot of criticism made of it. Read the thread(s) on the hardware board.
If you weren't able to follow everything in the thread that ejs linked in reply #5, or realise why port 22 should not be "open", then perhaps you should put the 2704n to one side and use one you find more suitable for your specialist needs. (Keep it to test your connection should you have a connection problem and are required to try an alternative modem/router).

chenks76 · ‎24-10-2013

Quote from: cossoft
Quote from: chenks76
...you've been told already that it's not a secret back door.

What? WHAT?
Is that a serious comment - or are you having a larf? You've been told that it's not a secret back door! You've been told all the huge corporations have your best interests at heart. Please.
I worry when I see a port on my sealed kit restricted to only a secret range of ip addresses. Why is the port filtered, and what ip addresses are passable? If ssh access wasn't required to the Zero hub, why have a ssh server running on port 22? Just don't start it up in the first place - that's the secure thing to do. If you have any security experience, you'll find that it's standard practice is to not have unnecessary services running.
Are you aware of any ports secretly filtered on your bank's web site?

careful, your tin foil hat might fall off with all the "larf"ing you're doing.
as has been said, if you don't like it then simply don't use the router.

What's on Port 22 on the Zero Hub

What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub

Re: What's on Port 22 on the Zero Hub