The problem, @stu593, is that we as customers have no way to tell whether what we are doing works until we get another email from Rogers. What one tech told me today was that, when you call in, you have to ask for the timestamp of the scan that generated the email -- because the scan could have happened before we apply these "possible" solutions.
Rogers needs to give the customers more specific information if we are to resolve the issue -- especially if we scan the ports and see that they are closed. So, what is Rogers complaining about then?
I THINK THAT I HAVE A SOLUTION … MAYBE
CAVEAT: I will know if this actually worked or not within the next couple of weeks - assuming that “not hearing” anything from Rogers by that time means that I “passed” their network security test.
My process is basically a system of elimination, with testing of all my devices (16) individually for port problems. There were several surprises in this voyage of discovery. Here is my process, which I have replicated here for those of you interested. Note: Some of you are quite advanced and will likely find this too detailed, but several people are not that familiar with some of these processes and I wanted to provide a bit of helpful guidance. I certainly found several problems which I managed to correct along the way and which have given me complete stealth (at least on the ShieldsUP site) on the most common ports of 1 to 1055 (ShieldsUP explains why they add some extra ports to come up with this number).
I basically spent 3 days full-time this week researching, learning and applying some of the stuff I learnt. There are a lot of opinions out there and I quickly learnt that just because someone had a strong and well-articulated opinion that it didn’t mean that they really knew what they were talking about - they might know some things very well but it was too narrow in scope, or they were too techie and couldn’t be bothered to better explain their expert advice. I can understand the latter point of view (“RTFM you lazy person”) but they weren’t nearly as helpful as they assumed they would be, IMHO.
The home consumer router business is a mess IMHO - while searching for a new router, I was quite interested in security this time around, as opposed to speed and other interesting functions. I narrowed down my choices to about 4-5 routers but while reading reviews, and now being a bit more knowledgeable about routers and security, I realized that consumers really do trust the router providers to offer users at least a minimally safe setup. To the contrary, this is not the case and I was disheartened to see so many routers with default settings that were wrong, or had not been activated by default, or lacked security features that were essential in this online environment which so much now resembles a “digital war age”. In other words, some routers were being sold to trusting consumers who, if they weren’t so inclined (and that would include me normally) to learn a bit more about their devices, expect their routers to be safe. So, in a strange way, Rogers is responsible with its cryptic warnings for pushing me to figure this out on my own and I don’t think that what I learnt will be wasted. I certainly am very far from being an expert, but I now know enough to ask better questions and to watch for certain minimal functions within a router that are essential to online safety.
Lastly, there are some very kind and helpful people out there and to them, even though we have never met, I say thank you for sharing your time, expertise and suggestions.
A few weeks ago I started receiving these exploitable NetBIOS vulnerability messages from Rogers (every Monday at the same time). After spending weeks and checking all possible devices at home, I found this forum and decided to use ShieldsUP! to test the Rogers modem for open ports. Found most of the ports closed, three open and just two stealth. I recalled that the Rogers messages started coming in after we replaced our previous apparently faulty Rogers modem with a new one that Rogers sent us by mail (not from a Rogers store). I decided to restore factory default settings of the modem from a computer, but it didn't work. I reset the modem at the back with a paper clip and only then managed to restore the factory settings from the computer. I ran the ShieldsUP! test again and got all the ports as stealth. After that I stopped receiving Rogers's messages.
In conclusion, it turned out that the Rogers modem/router itself was triggering these annoying weekly messages with the claims that one of the internet-connected devices in our home was showing signs of an exploitable NetBIOS vulnerability and with the warnings that our internet service might be suspended. Rogers tests and the people running them were not able to pinpoint the source of the problem, which was their own modem. In addition, we found out that Rogers sent us a used modem without even bothering to restore the factory settings.
I hope my comment will help other Rogers customers who have been receiving the exploitable NetBIOS vulnerability messages from the company.
Can Rogers spend $300 to get a Synology NAS device from BestBuy and figure out why the false alarm?
alextsuk's post was spot on for me too!
"New" Rogers modem installed a few weeks ago and now I received a NetBIOS vulnerability email. On the phone Rogers claimed it couldn't have been caused by the modem, but that was the only new piece of hardware in the setup...
Ran a ShieldsUP! test to find very few ports were stealth and a few wide open! A hard reset of the Hitron modem (10s hold with the pin button at the back) and now the ShieldsUP! test shows every port is in stealth.
This really needs to be included as part of the email or tech troubleshooting - step 1.