In light of the recent events involving the compromised routers in the Deutsche Telekom network, RouterCheck will now check for some of the indications that a router may be vulnerable to similar attacks. Earlier this week, close to 1,000,000 Deutsche Telekom customers were knocked off the internet when hackers began to attack their routers.
Starting today, RouterCheck will check the status of port 7547 and report if it’s open. This port is typically used by the TR-069 protocol to allow ISPs to modify router on their network. However, if the implementation of the protocol is faulty, hackers can take advantage and compromise the routers, as is what happened in the Deutsche Telekom case.
Users who find that their routers have this port open should be cautious. Unfortunately, most routers that support TR-069 do not have a way for users to turn off this functionality or close the port. However, in most cases, the routers will remain safe.
Users who are concerned should contact their ISP and ask them how they use TR-069.