cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Plusnet Firewall won't stay off

Anonymous
Not applicable

Re: Plusnet Firewall won't stay off

‎12-12-2014 9:17 PM

Quote from: mcoops82
it sounds like it might be something to do with my router DNS settings.

No what is being suggested, is that some routers have a known DNS vulnerability where an external attacker can change the router's DNS behavior, so that when you go to browse web pages on your PC, instead of viewing what you expected (perhaps online banking, or internet shopping) you are instead redirected to a clone of those websites, where your keystrokes, passwords, credit card info, etc can be copied without you knowing.  The Plusnet networks team have observed on your connection, the pattern of behavior that is associated with DNS compromised routers, and have (for your own safety) enabled the broadband firewall just enough to prevent external attackers having control of your router.
If that happened to me, I would always have the Broadband Firewall on, immediately install the latest version of firmware for the router (which should include patches for the latest security vulnerabilities), clear the router non-volatile memory back to default (to remove any hacked settings), then manually re-enter all the required settings to get back online.
I would also go to the "Gibson Research" website, and run the "ShieldsUp!" tests for "UPnP exposure" and "All Service Ports" to check for router vulnerabilities.
Wink
Message 31 of 87
(1,064 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Plusnet Firewall won't stay off

‎12-12-2014 9:46 PM

Quote from: purleigh
The Plusnet networks team have observed on your connection, the pattern of behavior that is associated with DNS compromised routers, and have (for your own safety) enabled the broadband firewall just enough to prevent external attackers having control of your router.

How on earth did you deduce that? The email says no such thing!
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 32 of 87
(1,064 Views)
0 Thanks
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Plusnet Firewall won't stay off

‎12-12-2014 9:51 PM

Plusnet haven't been changing the firewall setting and sending those emails to everyone who has their Plusnet Broadband Firewall set to off. So I presume Plusnet must have had some reason to change that setting for certain customers. Probably the email isn't as clear as it should be.
Message 33 of 87
(1,064 Views)
0 Thanks
Anonymous
Not applicable

Re: Plusnet Firewall won't stay off

‎12-12-2014 9:51 PM

Quote from: Chris
your firewall isn't just randomly turning on, it's being done quite deliberately by our networks team. It's likely they've spotted something untoward on your connection

This was discussed previously on this forum, but I can't be bothered to find specific references, so my simplified summary (in Reply #30 ) was from memory.
I would be happy if Chris Pettitt or Chris Parr would care to confirm or deny whether my summary was broadly correct or not.
Message 34 of 87
(1,064 Views)
0 Thanks
Anotherone
Champion
Posts: 19,107
Thanks: 457
Fixes: 21
Registered: ‎31-08-2007

Re: Plusnet Firewall won't stay off

‎12-12-2014 10:01 PM

@jelv
Read Chris Parr's post again, reply #20. And even if purleigh's deduction isn't a sequitur, the rest of his comments and suggestions are correct and sound. At the end of the day, is it really relevant? We've concluded it's best to have the Firewall on.
@mcoops82
Some further advice for you. As you are on a rural connection and will likely suffer some noise pick up after dark due to MW/AM propagation, even if we get it reduced, avoid resyncing after dark. In fact to be precise, avoid resyncing if your SNRM is below 6dB, ideally above 6.3dB. Typically avoid resyncing less than hour before sunset or less than an hour after dawn, but go by the SNRM value which needs to be stable at the time.
Edit: can you post some daytime stats tomorrow, ideally around the middle of the day.
Message 35 of 87
(1,064 Views)
0 Thanks
mcoops82
Dabbler
Posts: 21
Registered: ‎11-12-2014

Re: Plusnet Firewall won't stay off

‎12-12-2014 10:26 PM

@Anotherone: Plusnet firewall is definitely off right now.
As for the cabling, it comes in high up in to the loft space and down. It's as you describe, about 5mm diameter and black. Not sure about the cross section without getting the master socket open. I'm also not sure if there's a junction box but I'm guessing there is and it's probably up in the loft space - I've never had cause to mess around with it and I remember reading that anything beyond the master socket is property of BT. I want to say that the cabling and sockets were last replaced in 1999.
I don't really ever actively resync my connection these days (unless the internet feels really unusually sluggish or something - pretty rare) but I'll certainly keep your advice regarding time of day in mind, thanks. I will post some daytime stats tomorrow, no problem.
@purleigh: I remember visiting that GRC website recently and I just ran the tests again. The exposure test is a pass, File sharing test passes and although the Ports tests say failed I don't really understand why as none of them are 'Open'. A little over half are 'Closed' and the rest are 'Stealth'. Ideally they should all be stealth I guess?
Message 36 of 87
(1,064 Views)
0 Thanks
Anonymous
Not applicable

Re: Plusnet Firewall won't stay off

‎12-12-2014 10:39 PM

Quote from: mcoops82
A little over half are 'Closed' and the rest are 'Stealth'. Ideally they should all be stealth I guess?

Yes, they should all be stealth.
Read through the advice after the test results, to see whether you can improve your router's stealth rating.

Here is the result for my router -

I particularly like that my router didn't respond to 'Ping' requests during this port probing test,  despite my router simultaneously responding to 'Pings'  from other allowed sources including ThinkBroadband quality monitors, HE IPv6 tunnelbroker, IPv6-test : pingtest,  and pingtest.net

Cool
Message 37 of 87
(1,064 Views)
0 Thanks
mcoops82
Dabbler
Posts: 21
Registered: ‎11-12-2014

Re: Plusnet Firewall won't stay off

‎12-12-2014 10:43 PM

Hm, I'll look in to that. Thanks.
Message 38 of 87
(1,064 Views)
0 Thanks
Anotherone
Champion
Posts: 19,107
Thanks: 457
Fixes: 21
Registered: ‎31-08-2007

Re: Plusnet Firewall won't stay off

‎12-12-2014 11:02 PM

I'd go and turn the Firewall on low setting tomorrow, and login to your router, and if you haven't got Connect/Disconnect buttons near where you enter your Broadband username and password, then rather than reboot the router (not the modem) I'd power it off for 10 minutes so that your PPP Internet session is dropped (not the sync)..
If you Master socket doesn't look like one of those on the previous link I gave you, does it look like one of these
Message 39 of 87
(1,064 Views)
0 Thanks
mcoops82
Dabbler
Posts: 21
Registered: ‎11-12-2014

Re: Plusnet Firewall won't stay off

‎13-12-2014 12:16 PM

I had some fairly major issues with my master socket when I took the faceplate off. I'll post some pictures later to show what my socket looks like but for now I have had to move all my equipment on to another socket in another room as the 2 and 5 wires in the master socket came loose. I don't know if this constitutes a fault - I am fairly confident that I am entitled to remove the faceplate from the socket (hope so) but was obviously not expecting the wires to pop off so easily. Just an observation and possibly to be expected but the orange wire has a badly blackened end where the copper is exposed. Not sure if this could be creating interference or otherwise subpar network performance. Here are my line stats as of 12:12pm:
Downstream Upstream
SNR Margin
:
6.0 23.0 db
Line Attenuation
:
33.0 18.5 db
Data Rate
:
6848 448 kbps
Max Rate
:
7072 1164 kbps
POWER
:
20.0 12.0 dbm
CRC
:
7 0
I don't know if it is relevant but keep in mind I am no longer connected to the master socket and am now hard wired with an ethernet cable instead of a wireless connection. BT wholesale speedtest still will not produce 'Further Diagnostics' and Plusnet firewall remains off (I just checked).
Message 40 of 87
(1,064 Views)
0 Thanks
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Plusnet Firewall won't stay off

‎13-12-2014 12:22 PM

Something isn't right there
If the wires 2 and 5 came off the removable faceplate and you didn't connect them again then no other sockets in the property should work
So either it isn't actually the master socket or there wasn't a removable faceplate or the internal wiring is screwed up or it is star wired from a junction box somewhere
I am sure anotherone can comment further once we see your pics
Message 41 of 87
(1,064 Views)
0 Thanks
mcoops82
Dabbler
Posts: 21
Registered: ‎11-12-2014

Re: Plusnet Firewall won't stay off

‎13-12-2014 1:21 PM

http://imgur.com/2c1GZup - Exterior phone cable as it enters the house (I was mistaken in thinking there was no box, I thought it would be up in the loft space)
http://imgur.com/OqDGDhG - Master socket after the wires popped off
http://imgur.com/ZzFA8eD - Close up of the blackened orange connection
Only last night I was looking in to the possibility of upgrading the master socket to an NTE5 socket. I suppose I should call BT first and find out what the damage would be to have an engineer come out.
This thread seems to have become less about firewalls and more about scavenging tech advice on how to improve my home phone and broadband setup - sorry about that.
Message 42 of 87
(1,064 Views)
0 Thanks
Anonymous
Not applicable

Re: Plusnet Firewall won't stay off

‎13-12-2014 1:37 PM

I'm sure 'Anotherone' and 'OldJim' will walk you through getting your connection sorted,  but you still need to leave the 'Broadband Firewall' set to 'Low' until you have upgraded and factory reset your router's firmware as you are still likely to have your web browsing compromised and will remain vulnerable to having your personal information stolen until your router is made secure.
Message 43 of 87
(1,064 Views)
0 Thanks
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Plusnet Firewall won't stay off

‎13-12-2014 2:18 PM

I am going to leave this to the greater expertise of anotherone
Although that is a master socket - it has a large ring capacitor - it certainly isn't a true master socket as otherwise the slave sockets would run off it so it may be that your system is star wired and hence there must be a splitter box somewhere and it doesn't look as though the one on the wall is it
Is it possible to check what is in the roof space
Message 44 of 87
(1,064 Views)
0 Thanks
mcoops82
Dabbler
Posts: 21
Registered: ‎11-12-2014

Re: Plusnet Firewall won't stay off

‎13-12-2014 2:54 PM

@Oldjim: It is possible and I hope to be able to take a look at some point tomorrow.
It has always been my understanding that the presence of the large capacitor denoted that it was the master socket, albeit an older style socket. Either way, it seems it may have finally reached retirement age so now would seem as good a time as any to look in to what options I have in terms of replacement. Whatever that socket technically is called, it is the only one of the four phone sockets in our house which has the black cable coming in. All of the other sockets have a thinner diameter white cable.
Message 45 of 87
(1,064 Views)
0 Thanks