cancel
Showing results for 
Search instead for 
Did you mean: 

PCI Compliance - Hub One

FIXED
londonoffice
Newbie
Posts: 3
Registered: ‎23-01-2018

PCI Compliance - Hub One

After our first security audit with the new fibre broadband connection, we have been told there are some vulnerabilities that need to be addressed.

 

There are several high numbered ports open to the internet potentially accepting SSL connections, even though no ports have been forwarded and nothing is using Universal Plug and Play.

 

Since this behaviour is undocumented and the Hub One is locked down in terms of low level configuration, does this mean we need to buy an alternative router which we can demonstrate to the auditors is secure?

3 REPLIES 3
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: PCI Compliance - Hub One

Fix

There's probably no need to change router - just turn on the Plusnet firewall.

https://www.plus.net/help/broadband/about-plusnets-broadband-firewall/

Note you have to disconnect/reconnect for settings to take effect.

jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
londonoffice
Newbie
Posts: 3
Registered: ‎23-01-2018

Re: PCI Compliance - Hub One

Thanks, that's good advice, I believe the firewall was active.

Having disabled UPnP and rebooted the router, the issue seems to be resolved now. It appears to have been our remote access software opening unnecessary ports.

 

 

londonoffice
Newbie
Posts: 3
Registered: ‎23-01-2018

Re: PCI Compliance - Hub One

Just to clarify, the router had a firewall setting, but on closer inspection this is separate from the Plusnet firewall which has to be set up online.

 

After a day the ports had re-opened, so it was necessary to go through this extra step, as was suggested by jelv.