Skip to site navigation

Broadband: Securing your Technicolor TG582n against Open...

Expand / Collapse
 

Broadband: Securing your Technicolor TG582n against Open Recursive DNS


Aim of this article:

The aim of this article is to help customers secure Technicolor 582n routers which have been identified as running open recursive DNS servers. This can occur when the firewall on the 582n is disabled. The easiest method to secure your router is to enable the firewall, however this guide will allow you to disable the DNS service without enabling the firewall, if there is a reason you must run the router with it disabled.

NOTE: Zen is working with Technicolor and in future firmware revisions and templates this should be secured by default.

What is Open Recursive DNS?

Open Recursive DNS servers pose a threat to networks by answering queries from third-party networks. They are used in network attacks to slow or saturate somebody else’s network.

Securing the Technicolor 582n

There are two methods for securing the 582n router in this section, and you should select the one most appropriate to your circumstances:

 

Securing the TG582n and preserving ‘custom’ settings

This method will ensure any custom rules you’ve added (port forwarding, etc.) are preserved. Begin by following the instructions below for your operating system:

Windows

Click Start then Run and type: cmd
Press Enter.

Mac OS X

Click Go then Utilities. Click Terminal.

Once Command Prompt (Windows) or Terminal (Mac OS X) is open, complete the following steps:

  1. At the command line which appears type: telnet 192.168.1.254 (where 192.168.1.254 would be your router's IP address)
  2. Press Enter.
  3. You will be prompted for a username - by default this will be Administrator. Type the username in and then press Enter. 
  4. You will be prompted for a password - by default this should be left blank, unless you have changed it (enter your password if you have changed it, else leave it blank). Press Enter.
  5. From the prompt type: dns server config state=disabled 
  6. Press Enter. 
  7. Type saveall
  8. Press Enter.

 

Securing the TG582n without preserving ‘custom’ settings

If you have no custom settings you want to keep, and you have your connection details to hand then complete the following steps.

NOTE: You can get your Broadband username and password from the Customer Portal. Our guide to Technical Details shows you how.

  1. Open a web browser and browse to to your router’s web configuration page on http://192.168.1.254 (default address).
  2. You will be prompted for a username - by default this will be Administrator, and a password - this should typically be left blank, unless you have changed it in the past. 
  3. In the left hand menu, select Technicolor Gateway
  4. Click on Setup my Technicolor Gateway. This will re-run the setup wizard as if you were configuring the device for the first time. 
  5. Continue with the setup as required. When prompted, do not disable the firewall. Once the device is configured go to the web interface again. 
  6. Select Toolbox from the left menu panel
  7. Click Firewall 
  8. Click Configure at the top right of the screen
  9. Select the Security Level as Disabled
  10. Click Apply.

This should block recursive DNS requests on the WAN, but still run the Technicolor in a firewall-disabled state.



Rate this Article:
     

Feedback on this Article


Comment require login or registration.

Details
Type: HOTFIX
Rated 3 stars based on 3 votes.
Article has been viewed 9,276 times.
Options


Skip to site navigation