OBi unit web page receiving unauthorized visits?

(1/3) > >>

QBZappy:
By chance I was looking at my router QOS (Tomato firmware), and noticed that my OBi100 unit web page was showing some activity. I observed for a while. I was getting connections from several places at certain times. I logged in using WAN address of the OBi from a far away location and saw my current ip confirming that it was others/scanners visiting my WAN_IP:80. Just to show that the OBi is being scanned for HTTP port 80. It might be useful to change it to non standard port for the security. I had overlooked this detail.

Proto   TCP
Source OBi100 (X.X.X.X)
S Port 80
Destination dsl-200-67-203-229-sta.prod-empresarial.com.mx (Mexico 200.67.203.229)
D Port 64054
Class Remote
Rule 10
BytesOut 84
Bytes In 231                                
               

giqcass:
That's the reason why its very important to change the default passwords especially if you enable wan access.  Changing the port of course could add a little extra security as well as long as you don't forget when you need it lol..

Rick:
Maybe I'm not understanding, but I use Gibson Research's site (www.grc.com) and Shields Up! to check my system.  All my ports, including HTTP 80, come up as STEALTH.  Doesn't that mean I don't have to worry?

QBZappy:
Rick,

In your browser try the following and see what you get:
http://Your_Wan_ip

If you get the Obi unit web page then it can be reached over the internet.

Rick:
Nothing.  Reverts to Google.  And that is my router address and the OBi is behind it.

Navigation

[0] Message Index

[#] Next page