Microtek's ADSL modem+router apparently has this interesting feature built-in by default: it's wide open for administration from then WAN (Internet) side. This, among other things, includes plain Telnet on port 23.
This needs to be secured immediately by the very intuitively named control "ACL" (the plain firewall is called "Filter" and it doesn't influence administration services!). On the plus side, the configuration is quite powerful, allowing separate "opening" of Web, Telnet and SNMP configuration / monitoring services on separate IPs.
Lesson learned - always run a session of nmap from the WAN side on new equipment.
Post your comment here!
Comments are subject to moderation and will be deleted if deemed inappropriate. All content is © Ivan Voras. Comments are owned by their authors (who agree to basically surrender all rights by publishing them :) )..