Thanks - I've reset it and will reschedule a scan to see if the problem is fixed.

Re-scan has failed with the same problem i.e. TCP/IP SYN+FIN Packet Filtering Weakness 

Looks like there is not a current fix for this router.  I'll contact the PCI compliance people to see what they say but at the moment it leaves us non-compliant.

Hi Bob,

I have just had the same issue.

This is the response from my merchant:

This vulnerability is either related to your router/firewall. Please update your router/firewall firmware to the latest version and rerun the scan. If it is already running on the latest version then, please provide us a screenshot of the firmware version of your router/firewall to verify that you have the latest version updated. Also, please make sure you include the make and model of the router/firewall and also the date when the latest version was updated. For any assistance, please contact HELP DESK.

Are you able to check which firmware we are using? If the rescan still doesn't work how do I get the screen shot?

Many thanks

Poppy Treffry

@GrindlefordCom and @lightshade I've updated the firmware of both of your devices to the latest available build (7.275.12), however I'm skeptical it will pass the tests that have been run against the device (let us know either way).

Assuming it doesn't, I refer you to the earlier post here.

@JoPilkington for some reason, your device has dropped off the management platform so I can't push the update to you. Assuming your router has a serial ending 810 or 040, then please factory reset it using the pinhole at the rear of the device. Once this has been done I can try again (assuming you still want me to?)

@Gandalf wrote:

I've re-added your router onto the hardware management platform. Could you factory reset it using the pinhole at the back? This should push the latest firmware version down to you within 24-48 hours. Let us know how it goes.

@Gandalf, FYI this is not how the Hub Zero hardware management platform is configured. Doing what you've suggested above does not pull down the latest firmware update. Even if it did, 7.275.12 is not a version we've deployed to the masses yet.

I have taken a screenshot of the router help page which shows the firmware as 7.275.12 and sent it to the compliance people who said they would make an exception if I could show that the router had the latest firmware,  I think it is still failing but the IP address is not static so cannot be sure that they have scanned the right address.  It seems to take 24 hrs for the scan to complete (or perhaps just to get the results). 

Hi Bob,

We are a new Plusnet customer, and were sent the above router, which I described to one of your less helpful colleagues as a piece of junk. The specific message we are receiving from First Data is "TCP/IP SYN+FIN Packet Filtering Weakness". One of your colleagues suggested a firmware upgrade, which was contradicted by another, saying that "the router is a basic model, and fit for purpose to connect you to the internet" Suffice to say, it is not fit for purpose for small businesses who carry out card transactions.

I have only just discovered the separate firewall settings on my account. Short of forking out for a decent piece of hardware, do you have any further advice? Getting desperate now, as we have not been compliant for over a month, and we rely on the card machine to accept payments.

Best regards,

Vic

I sent evidence to the PCI compliance people that the router had the latest firmware and they granted and exemption.  You just need to send the evidence by selecting 'False positive' and attaching appropriate files.  When I rang the PCI compliance help desk they said that it is a problem with quite a few routers not just the 2704n. But I do think Plusnet could maybe consider supplying their business customers with something better.

Hi @bobpullen I have done the factory reset. Can you have another go at updating the firmware and  let me know how I get the screenshot to send to the PCI people.

Many thanks

Poppy

Update to PCI - thankfully I am a bit of a hoarder. I found an old BT Home Hub 3 back at the house. Plugged it in, logged in with my Plus Net credentials, and passed with flying colours! A little disconcerted that I can take a piece of hardware that is 8 years old and pass, yet my (barely) 8 week old Plus Net router fails.

PCI scan time has come round again and the router has failed. Is there any news of a firmware upgrade that will meet the requirement?  Is there an update on 7.275.12 ?

Hi Bob

How do I get the firmware updated to the latest version?

I have 2 routers that need to be pci compliant but are failing at the moment

Thanks

@GrindlefordCom, @redline,

I've updated our products team requesting to push down firmware to your 2704n.

Hi I have 2 accounts with Plusnet

Can you update the firmware on this account also please