BT HomeHub 3 (Huawei) now with Port 161 open

Frank_Rizzo · 22 Mar 2011 at 13:07

This new Wifi Broadband home router, the HomeHub 3 is being supplied to BT customers with Port 161 (SNMP) open.

The official explanation from BT:

"would like to inform you that port 161 is open to make the BT Home Hub better for the gaming environment and to make the transmission faster, as the port 161 related to SNMP protocol and it makes the transmission faster."

Do you believe them?

Grc.com
http://12078.net/grcnews/article.php?id=134236&group=grc.security#134236

Nodpi.org
https://nodpi.org/forum/index.php/topic,474.msg34975.html#msg34975

Skidilliplop · 22 Mar 2011 at 13:22

IF... that's an official BT explanation then I'd be worried as SNMP has never made any transmission of anything faster, nor have I heard of a widespread use of SNMP in games. That's quite a hefty pile of BS that statement. Casting huge questions about who actually vets what marketing numb skulls say.

It does however allow them to remotely manage/monitor the device. Which could speed up troubleshooting and break-fix times. assuming they bother to monitor it in real time.
Though it could potentially infringe on browsing privacy, though not likely much worse than what already goes on within their core network.

Of course assuming this is any more than a rumor.

kmufc77 · 22 Mar 2011 at 14:02

Does this mean that existing customers will get this new router or just new customers?

KIA · 22 Mar 2011 at 15:31

I wouldn't touch BT Retail with a bargepole.

Dennis1234567 · 12 Oct 2011 at 23:02

I know this thread is a little old but i just had to post a workaround to the homehub 3 open ports problem, so everyone becomes stealthed again. It works. This workaround should stop any firmware updates that may plug the loophole. You all know that BT will be working on new firmware to shut the loophole So i would suggest you do it as a matter of urgency. This workaround was posted today. It's not my solution but someone on BT's own community website. The person who came up with this little gem asked me to pass it on so as many people as possible with the security flawed Homehub 3 can stealth their connection again

You MUST use a vacant address and port to forward ports 161 and 4567 to. Use another address and port if they are in use

"i've recently moved and with bt being the fastest isp at my current address, found myself on BT. after running GRC's tests & seeing port 161 open, found this thread searching on 'bt home hub 3 port 161 open'.
after reading the above, i agree bt's reasons for leaving the port open and vulnerable are questionable. i therefor went into the hub manager, went to port forwarding in the advanced settings, added a new supported application, named it snmp, on port 161. went back to the port fwd. config, added a snmp item to fwd to ip 192.168.1.111 (which does not exist on my network), applied it & re-tested with grc. all ports now show as stealthed."

I should add that port 4567 (firmware updates) has been locked open as well, so you need to do the same with that port.

I have now passed it on, it would be nice if you could do the same.

source
http://community.bt.com/t5/BB-Speed-Connection-Issues/port-161-open-on-home-hub-3/td-p/133207/page/7