DBSTalk Forum banner
Status
Not open for further replies.
1 - 20 of 97 Posts

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #1 ·
Just wondering what ports it may be listening to.
 

·
Cutting Edge: ECHELON '08
Joined
·
4,107 Posts
Wolffpack said:
Just wondering what ports it may be listening to.
You constantly post about the HR20.

Are you saying that you don't have an HR20?

- Craig
 

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #3 ·
As described in my SIG line, no I don't have a HR20. At this point in time there's nothing a HR20 can provide me that my HR10s don't provide. At least nothing I see as worth the instability of the HR20.

I've had a R15 since early 2006 and while it has become a better product over time, it's still owns a position in my house which a plain receiver could have, my office.
 

·
Legend
Joined
·
156 Posts
Wolffpack said:
As described in my SIG line, no I don't have a HR20. At this point in time there's nothing a HR20 can provide me that my HR10s don't provide. At least nothing I see as worth the instability of the HR20.
You sure seem to be curious about something you do not want.

I just port-stanned mine and it seems to only be listening on ports 25 and 110.
 

·
Registered
Joined
·
4,880 Posts
Starrbuck said:
You sure seem to be curious about something you do not want.
Something he doesn't want at the moment. I'm sure eventually (and hopefully) once the HR20 has stabilized and has additional features that make it more appealing than the HR10, then Wolffpack would probably get the HR20. Just because he doesn't have it/want it at the present moment doesn't negate the fact that there is curiosity about it.
 

·
Legend
Joined
·
156 Posts
Well-said, Narf. Has anyone ever told you you may have a career in politics? ;)
 

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #7 ·
Excuse me. So if I don't have a HR20 I'm not allowed to post questions in this hallowed forum? I never said I didn't want a HR20. What I said was that at this point in time I saw no need to replace my HR10s with a HR20. At some point in time, when more MPEG4 HD content is available, that may change and I may upgrade but for me that time hasn't come.

Yes I am curious about the HR20. This is the path DTV has chosen to take. But lately his forum (the HR20 forum) has gotten so argumentative it's ridiculous. D*fenders and D*tractors constantly arguing about which machine is better. What ever happened to simple questions because someone wanted to know. Folks have pulled off the cover and provided shots of the guts of these machines. Other have pulled the HD to see what filesystem it may or may not be using, still others have experimented with the eSATA capability. Now that networking is officially enabled on the HR20 I posted a question, a research question, to see if anyone had tried a port scan. The two responses I've received seem to question my motives? Gee, why would I be interested in something I don't have and don't want.

Given that, it is interesting that the two ports responding both have to do with email. SMTP and POP3. What possible features might those be used for? Has any noticed their HR20 attempting to gain access to external internet sites? In a typical setup most users don't block outgoing requests via a hardware firewall. I wonder if the HR20 is phoning home over the internet without customers knowledge.

You folks really need to chill out. I've kept my mouth shut about this so far, but the HR20 forum is becoming another TCF with the attitude that you're either for us or against us. It's tough just to post a question or answer over there without 50 other members giving you the 3rd degree.
 

·
Registered
Joined
·
4,880 Posts
Wolffpack said:
But lately his forum (the HR20 forum) has gotten so argumentative it's ridiculous. D*fenders and D*tractors constantly arguing about which machine is better. What ever happened to simple questions because someone wanted to know.
I hear you loud and clear there. One of the reasons my post count hasn't been increasing at the same rate these past couple of weeks. I've moved more to a neutral stance with everything now.

But anyway... :backtotop

Wolffpack said:
Given that, it is interesting that the two ports responding both have to do with email. SMTP and POP3. What possible features might those be used for? Has any noticed their HR20 attempting to gain access to external internet sites? In a typical setup most users don't block outgoing requests via a hardware firewall. I wonder if the HR20 is phoning home over the internet without customers knowledge.
I'd be very interested in this as well. Is it emailing back crash/usage data? I don't have Snort installed on any machines here, so I can't check it out for myself.
 

·
AllStar
Joined
·
78 Posts
Wow, I just saw the firmware upgrade list for the hr20,
that's 18 upgrades in 5 months, allmost on par with Microsoft .
Are we all beta testers too ?
Anywhoo, I just wanted to say I have just upgraded the hard drive with a new seagate 750ghb. Removed cover, unpluged both power and data fromminternal drive, then with a standard sata cable plugged into the motherboard with an 18" standard sata cable, exiting the case through the hole created by removing the external esata port (just two screws). Extended the 4 pin power connector with a standard disc drive power extension cable and placed the drive in a small 3.5" drive case I had lying arround (with a small fan inside) I powered up the hr20 in the normal way and it booted correctly and sees the new drive without any problems. I know I could just have replaced the internal drive, but didn't want to disturb more than I need to see if it's reliable. Not sure what a 750ghb translates into hours, but as its more than twice the original size it should be fine for a while, at least till I get my external raid0 setup. Can someone please tell me what the max size of drive might be that the hr20 can address ?
 

·
Registered
Joined
·
5,957 Posts
I get nervous when people start asking about what ports the HR20 is using. The very words "port scan", make my skin crawl. It's a security thing. Perhaps this is where the question was coming from? Given the problems that the HR20 has had, it wouldn't be much of a stretch to think it could be crashed from the "outside".

I'll admit, when I saw the question, a bunch of flags went up for me, so don't necessarily take the issue as having or not having an HR20, but asking what might appear to be a "fishy" question. (I'm not saying it was, I'm saying one wouldn't be completely irrational to consider that point)

Just because you don't have an HR20 yet, doesn't mean you aren't out to get me.:D
 

·
Registered
Joined
·
4,880 Posts
ItsMeJTO said:
Anywhoo, I just wanted to say I have just upgraded the hard drive with a new seagate 750ghb. Removed cover, unpluged both power and data fromminternal drive, then with a standard sata cable plugged into the motherboard with an 18" standard sata cable, exiting the case through the hole created by removing the external esata port (just two screws). Extended the 4 pin power connector with a standard disc drive power extension cable and placed the drive in a small 3.5" drive case I had lying arround (with a small fan inside) I powered up the hr20 in the normal way and it booted correctly and sees the new drive without any problems. I know I could just have replaced the internal drive, but didn't want to disturb more than I need to see if it's reliable. Not sure what a 750ghb translates into hours, but as its more than twice the original size it should be fine for a while, at least till I get my external raid0 setup. Can someone please tell me what the max size of drive might be that the hr20 can address ?
I believe this thread will be more helpful to you: http://www.dbstalk.com/showthread.php?t=66201
 

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #12 ·
hasan said:
Just because you don't have an HR20 yet, doesn't mean you aren't out to get me.:D
Rest assured, I'm not out to "get" anyone. I'm interested in any CE product in my house that is network aware and could be blindly attached to a home network. Not having any idea what it's doing or with whom.

I was expecting no ports to be open. The fact that those two (25 and 110) are open concerns me a bit. Again, I'm assessing this and want to be fully aware of anything I attach to my network. I can't imagine why these ports would be open.

Has anyone setup a monitor to see what packets are flowing to and from the HR20? Looked at the packet types and their destinations? Has anyone tried to open a session with port 25 or 110 via telnet? Tried a 'helo' or 'help' command?

It's well know that the general public is too trusting and ignorant of attaching a device to their home network that in turn could have access to the Internet. How many of you have plugged your HR20 into your home network without even asking yourself the question what it may be doing? Those are the questions I ask for a living. Again I don't have a HR20 so I haven't reviewed it's network activity.

For background, I'm what some (my clients) consider a security professional. I hold a certification known as CISSP and have for years. For me to hold that certification there is a Code of Ethics I and other holders of this certification adhere to.

So, does all this sound paranoid? You bet it does. That's what CISSPs do for a living. They are paranoid regarding IT/Network security and that's what they're paid for.

I see a CE device that has many bugs in it and recently had networking added to it. Given the track record of both the HR20 and R15 I would have a hard time connecting this to my network without knowing it's impact. It very well may just be Viiv, but if so, why is it listening on 25 and 110? Also, is it initiating it's own sessions with servers outside your home network?

I didn't plan on going into this detail, but does that clarify my intentions in asking the original question?
 

·
Registered
Joined
·
4,880 Posts
Wolffpack said:
Has anyone tried to open a session with port 25 or 110 via telnet? Tried a 'helo' or 'help' command?
No dice for me:

Code:
C:\Users\admin>telnet 192.168.1.104 25
Connecting To 192.168.1.104...Could not open connection to the host, on port 25:
 Connect failed

C:\Users\admin>telnet 192.168.1.104 110
Connecting To 192.168.1.104...Could not open connection to the host, on port 110
: Connect failed
 

·
Hall Of Fame
Joined
·
1,308 Posts
Wolffpack said:
Rest assured, I'm not out to "get" anyone. I'm interested in any CE product in my house that is network aware and could be blindly attached to a home network. Not having any idea what it's doing or with whom.

I was expecting no ports to be open. The fact that those two (25 and 110) are open concerns me a bit. Again, I'm assessing this and want to be fully aware of anything I attach to my network. I can't imagine why these ports would be open.

Has anyone setup a monitor to see what packets are flowing to and from the HR20? Looked at the packet types and their destinations? Has anyone tried to open a session with port 25 or 110 via telnet? Tried a 'helo' or 'help' command?

It's well know that the general public is too trusting and ignorant of attaching a device to their home network that in turn could have access to the Internet. How many of you have plugged your HR20 into your home network without even asking yourself the question what it may be doing? Those are the questions I ask for a living. Again I don't have a HR20 so I haven't reviewed it's network activity.

For background, I'm what some (my clients) consider a security professional. I hold a certification known as CISSP and have for years. For me to hold that certification there is a Code of Ethics I and other holders of this certification adhere to.

So, does all this sound paranoid? You bet it does. That's what CISSPs do for a living. They are paranoid regarding IT/Network security and that's what they're paid for.

I see a CE device that has many bugs in it and recently had networking added to it. Given the track record of both the HR20 and R15 I would have a hard time connecting this to my network without knowing it's impact. It very well may just be Viiv, but if so, why is it listening on 25 and 110? Also, is it initiating it's own sessions with servers outside your home network?

I didn't plan on going into this detail, but does that clarify my intentions in asking the original question?
Could the answer to your question be as simple as the consideration that the HR20 may allow you access to your e-mail at some point in the future? Don't ask me why they would add this feature, but why the hell else would they leave these ports open?
 

·
Registered
Joined
·
5,747 Posts
Hey Wolf,

A number of months ago I remember not seeing you post for over a week. Your response was that you had been to a security conference. So with that said, If I hadn't been a little familiar with you and your posts (as much as one can in this environment anyway), I would have been curious (suspicious) about why you had asked the question. It wouldn't have had anything to do with whether or not you owned an HR20.

I get paranoid as well, and was very curious to see the answer to your question. I'm an owner in IT company as well. I do not hold a cerification such as yours(my partner has the certs). We do alot of IT security along w/ general IT support services. And frankly it's scary. We come accross many new customers that have wireless AP's wide open. Broadcasting SSID, no passwords, no WPA or security, nothing. We can sit in the parking lot and "see" everything. It's simply incrediable that people still don't get it. Others that have third party vendors RDP'ing straight to the server w/ no firewall.

We haven't had to do this yet because we have always been able to articulate and explain why these things are a problem. But we will generate documents stating that they have been advised of the serious security concerns within there network and we are not responsible for it. blah blah blah.....

It's going to be interesting to see why ports 25 and 110 are open and how it plays out on the HR20.
 

·
Hall Of Fame
Joined
·
1,308 Posts
Can someone give me a worse case scenario for what they fear the HR20 might actually be doing? Are you concerned it may be monitoring your e-mail communications? Or is it more along the lines of a privacy violation by sending viewing data over the net via a mail app?

Since I am not a security professional, I can't imagine how diabolical someone could get with a TV box.

What are we talking about here?
 

·
Lower Echelon
Joined
·
632 Posts
My results with nmap show no open ports:

nmap -v -A -P0 192.168.0.2

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-12-23 18:27 PST
DNS resolution of 1 IPs took 0.01s.
Initiating Connect() Scan against 192.168.0.2 [1680 ports] at 18:27
Connect() Scan Timing: About 8.93% done; ETC: 18:32 (0:05:06 remaining)
The Connect() Scan took 347.26s to scan 1680 total ports.
Host 192.168.0.2 appears to be up ... good.
All 1680 scanned ports on 192.168.0.2 are filtered
 

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #18 ·
PoitNarf said:
No dice for me:

Code:
C:\Users\admin>telnet 192.168.1.104 25
Connecting To 192.168.1.104...Could not open connection to the host, on port 25:
 Connect failed

C:\Users\admin>telnet 192.168.1.104 110
Connecting To 192.168.1.104...Could not open connection to the host, on port 110
: Connect failed
Interesting. Starrbuck stated 25 and 110 were open. Can you run a port scan and see if your HR20 is also showing those ports as open?

Starrbuck, what port scan did you run?
 

·
Banned
Joined
·
4,642 Posts
Discussion Starter · #19 ·
oakwcj said:
My results with nmap show no open ports:

nmap -v -A -P0 192.168.0.2

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-12-23 18:27 PST
DNS resolution of 1 IPs took 0.01s.
Initiating Connect() Scan against 192.168.0.2 [1680 ports] at 18:27
Connect() Scan Timing: About 8.93% done; ETC: 18:32 (0:05:06 remaining)
The Connect() Scan took 347.26s to scan 1680 total ports.
Host 192.168.0.2 appears to be up ... good.
All 1680 scanned ports on 192.168.0.2 are filtered
Those were the results I'd expect. Don't know what Starrbuck ran against his/hers. As an aside....ain't that a ***** that we had a guy Starbuck and then a girly Starbuck? But in the end, the girly Starbuck could easliy kick the guy Starbuck ass!
 

·
Icon
Joined
·
777 Posts
The box could not sniff any network traffic unless it was connected to a hub or mirroring port on a switch. I seriously doubt ports 25/110 are open. It seems like Starbuck was scanning an email server somewhere. 25 is SMTP and 110 is POP3. There is absolutely no reason for the HR20 to me using this port. If anything, I would expect to see some UDP broadcast traffic dealing with uPNP.
 
1 - 20 of 97 Posts
Status
Not open for further replies.
Top