Suggestions On HG Anti-TR064 Attacks-Procedure-EN V1.1
Suggestions on HG Anti-TR064 Attacks-Procedure
(For internal use only)
Contents
Suggestions on HG Anti-TR064 Attacks-Procedure
1 Background
2 Suggested Solution
3 Example of Setting the Network Firewall
1 Background
Recently, attacks against home gateways (HGs) that use TR064 have occurred. Some Huawei HGs also use TR064.
Therefore, Huawei provides this document to help prevent TR064 attacks.
2 Suggested Solution
1. If a firewall is deployed on the network, you are advised to deploy policies that block attacks
from external traffic. This is a workaround to avoid subsequent attacks. For details, see "Example
of Setting the Network Firewall".
2. If no firewall is deployed, it is recommended to block TCP port 37215 on the upstream equipment.
3 Example of Setting the Network Firewall
The following uses the Huawei network firewall USG6600 V100R003 as an example to show the
detailed procedure. Actual commands and command output vary with the device version and
manufacturer; refer to the documentation provided by the firewall manufacturer.
Step 1. Log in to the network firewall and configure a rule that prohibits TCP port 37215, to block
TR064 packet attacks on the WAN side.
Example:
[NGFW]ip service-set server1_port type object
[NGFW-object-service-set-server1_port]service 0 protocol tcp destination-port 37215
[NGFW-object-service-set-server1_port]quit
[NGFW]security-policy
[NGFW-policy-security]rule name policy_sec_deny1
[NGFW-policy-security-rule-policy_sec_deny1]source-address address-set server_deny
[NGFW-policy-security-rule-policy_sec_deny1]service server1_port
[NGFW-policy-security-rule-policy_sec_deny1]action deny
[NGFW-policy-security-rule-policy_sec_deny1]quit
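
A check that a deny rule really references the service set for TCP port 37215, as an added example that is not part of the original Huawei document. The saved-configuration text layout, the sample configuration and both function names are assumptions constructed for illustration; only single-port service entries are handled.

```python
import re

# Constructed sample in the style of saved firewall configuration text (assumed layout).
SAMPLE_CONFIG = """\
ip service-set server1_port type object
 service 0 protocol tcp destination-port 37215
#
security-policy
 rule name policy_sec_deny1
  source-address address-set server_deny
  service server1_port
  action deny
 rule name policy_permit_all
  action permit
"""

def service_sets_for_port(config, port):
    """Return names of service sets containing a TCP destination-port entry for `port`."""
    names, current = set(), None
    for line in config.splitlines():
        m = re.match(r"ip service-set (\S+) type object", line)
        if m:
            current = m.group(1)
        elif not line.startswith(" "):
            current = None          # left the service-set block
        elif current and re.search(rf"protocol tcp destination-port {port}\b", line):
            names.add(current)
    return names

def deny_rules_for_port(config, port=37215):
    """Return security-policy rules that deny traffic AND reference a matching service set."""
    wanted = service_sets_for_port(config, port)
    rules, name = {}, None
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["rule", "name"] and len(words) == 3:
            name = words[2]
            rules[name] = {"services": set(), "action": None}
        elif name and words[:1] == ["service"] and len(words) == 2:
            rules[name]["services"].add(words[1])
        elif name and words[:1] == ["action"] and len(words) == 2:
            rules[name]["action"] = words[1]
    return sorted(n for n, r in rules.items()
                  if r["action"] == "deny" and r["services"] & wanted)

if __name__ == "__main__":
    print(deny_rules_for_port(SAMPLE_CONFIG))
```

An empty result means the service set for port 37215 is defined but no deny rule uses it, so the port is not actually blocked by that policy.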