Hi

What is the basis for the confidence of your reply, "No, you're fine."  ?

Have Plusnet and / or Thomson (if that is the manufacturer of the Hub One router) run extensive testing on all aspects of VPNFilter against the Hub One router?  If so, is there any official documentation or statement regarding this?  If so, does this official documentation or statement provide any technical explanation?

Just because the Hub One is not on the list of routers known to be vulnerable to the FBI:

THIS DOES NOT NECESSARILY MEAN THAT THE HUB ONE ROUTER IS NOT VULNERABLE TO VPNFILTER!!!!

These are the only threads I have found in the Plusnet forums that seem to be relevant to this issue:

https://community.plus.net/t5/My-Router/Hub-One-Firmware-Updates/td-p/1336565

https://community.plus.net/t5/My-Router/Hub-One-Firmware-Updates/td-p/1336565/page/11

https://community.plus.net/t5/My-Router/VPNFilter/m-p/1542276

https://community.plus.net/t5/Fibre-Broadband/VPNFilter-router-malware-is-Hub-One-vulnerable/m-p/154...

https://community.plus.net/t5/Tech-Help-Software-Hardware-etc/Warning-from-the-FBI-via-Avast/m-p/155...

and nowhere have I found any reason to feel confident that a skilled hacker could not exploit Hub One using VPNFilter, beyond the 3 word answer of "No, you're fine."

BTW, I am a techie myself.

---

@spotless wrote:

What is the basis for the confidence of your reply, "No, you're fine."  ?

It is based on communication with the router vendor.

The Plusnet Hub One is not vulnerable to VPNFilter.

The device has safeguards against this type of attack, e.g:

• They do not use common default passwords.
• They do not give access to the operating system via any login method.

Neither us, nor the device vendor are aware of any exploits affecting the Plusnet Hub One that would allow access to install the malware.

Thanks Bob, that sounds reasonable.  BTW;

1)  I haven't found any way to do so so far, but is it possible to remotely administer the Plusnet Hub One router?

2)  If so, is it possible to turn off remote administration for the Plusnet Hub One router?

1.) Can't be enabled within the GUI, and not possible in the traditional sense of having external access to the router's web interface. The device can be remotely administered via TR069 using CWMP.

2.) We can 'cease' the device on our hardware management platform which will munge the URL the device uses for communication. This will stop you receiving any future software updates though and prevent certain support staff access to help diagnose problems. It also contradicts the concern about security, because you will be leaving yourself open to any issue in the future that we push patches for.

Thanks Bob.