Skip to content
Skip to main content

  • Home

JN_92's profile
JN_92
1st Reply
Expressive Exchange
1st Topic

Contributor

 • 

21 Messages

Monday, March 23rd, 2015 12:00 PM

Port 80 on Comcast Gateway (SMC 3DG-CCR)

We have a Comcast business gateway (SMC 3DG-CCR) that serves as our Internet router.  Like many organizations, we have been attacked regularly by malware from the Internet.  Most of these intrusion attempts come in on port 80.  On the Comcast gateway, port 80 is being forwarded to port 80 on our server.  That allows the malware direct access to the server.  I would like to uncheck the port forwarding box in the Comcast gateway to break this connection.  At that point, the malware would not reach the server the way it has in the past.

 

Please note that this server does not host a web site.  There is no reason for anyone from the outside to need access to port 80, either on the server or the gateway, as far as I know.

 

Is this port forwarding needed for us to access the gateway's web configuration program?  I do not want to block our access to the setup/configuration program on the Comcast device.

 

Also, do we need port 80 forwarded like this for the server and workstations to use web sites on the Internet?  DNS service on our small network is provided by our server (Windows Small Business Server).

 

Thanks for any guidance you can offer with these questions.

Question

 • 

Updated 

9 years ago

3K

6

0

0

JN_92

Contributor

 • 

21 Messages

9 years ago

Thanks for your helpful reply, John.  There is one question I still have, though.  Is there a specific port required by the Comcast/SMC unit to log into the unit and run the device configuration program?  If so, would it be port 3389 (we unchecked the port forwarding box for that port some months ago)?

 

I need to go into the device setup program to disable the port 80 forwarding, as we have discussed.  When I tried to do that today, I discovered that I was not able to get into the device setup software.  I couldn't even get to the login screen page.  Although I can ping the IP address of the Comcast gateway (192.168.16.1), the web browser on the server (which we have used before) times out and never loads the device login screen.

 

Thanks for any further assistance you can offer.

0

0

CC_John

Retired Employee

 • 

1.9K Messages

9 years ago

Hi JN.  Port forwarding allows for the remote/outside access to the server or other connected device.  It is not necessary for internal access. You can disable and delete the port forwarding rule. 

 

Thank You

0

0

CC_John

Retired Employee

 • 

1.9K Messages

9 years ago

Hi JN.  Can you connect a PC directly to the SMC gateway and try access via your LAN IP?  Let me know please.

 

Thank You

0

0

JN_92

Contributor

 • 

21 Messages

9 years ago

The network in question is located at another address.  I will go there over the weekend and try your suggestion.  I am taking a laptop and a CAT-5e cable, which I will connect directly to an Ethernet port on the Comcast/SMC gateway, as you recommend.   I'll report back Monday to let you know how it goes.

 

Just so I know, what is the default IP of the Comcast/SMC device?  I think it was 10.1.10.1, but I'm not sure.  I'll try that IP address also (if needed), just in case the device got reset to factory default condition somehow.

0

0

JN_92

Contributor

 • 

21 Messages

9 years ago

Hi John.  I did try your suggestion over the weekend.  I connected a laptop and CAT-5e cable directly to one of the Ethernet ports on the Comast/SMC gateway.  Unfortunately, nothing changed.  I was still unable to access the device configuration system.  As before, i am not even able to reach the login screen.  Internet Explorer times out and returns an "address not found" error screen (yet I was still able to ping the gateway address from the laptop).  So, whatever problem is going on here does not appear to come from any other aspect of the network.  Even with a direct connection to the gateway/router, I am not able to access any of the settings.

 

I hope this helps clarify the situation for you.

 

Thanks again for your help with this problem.

 

 

John

 

0

0

JN_92

Contributor

 • 

21 Messages

9 years ago

Hi John.  As you can see from my post below, I did try a direct connection to the SMC/Comcast gateway, but am still unable to get to the device login screen.  Internet Explorer just times out when I enter the device IP address, although I can ping it.

 

What should I/we do next?

 

Thanks.

 

 

John (JN)

 

0

0