Press Room

  • Share on Facebook
  • Share on Twitter
  • Share on Google Plus
  • Share on Linkedin

Welcome to ZyXEL Press Room In this area you can browse the latest announcements, events and more from ZyXEL and our worldwide subsidiaries.

ZyXEL response to story regarding the SYN flood issue on ZyXEL P600 and P660 routers

February 07, 2014

 

ZyXEL is committed to providing our customers with secure, high-performing solutions. We're aware of the SYN attack that has been affecting our P600 and P660 router models and have been working to resolve any resulting issues.

Only customers who have remote management open on the routers are affected. At this time, ZyXEL UK has received calls from a small number of who have been affected by this issue. We are informing customers of the steps they need to take in order to address the issue and will be keeping them updated if any further action is required.

ZyXEL recommends that customers turn off remote management on the WAN for all protocols including http, ftp, telnet, and SNMP.

Where this is not possible, we recommend turning on only the protocol that is needed and additionally, changing the management port to non-standard and locking the IP addresses that can access the remote management ports.

Where possible, customers should also make sure the firewall is turned on. Specific instructions on how to take these remedial steps this are being made available to customers (see below) on request.

Further instructions will be issued if required.

For further information and assistance, customers can email support@zyxel.co.uk or call ZyXEL UK 0845 122 0301.

RECOMMENDED REMEDIAL ACTIONS

ZyXEL recommends customers using P600 and P660 routers take the following steps:

1) In Maintenance > Remote MGMT set the Server Access for any management interfaces in use to LAN only or disable for any not in use; we strongly recommend SNMP is disabled. DNS should never be enabled from the WAN as this is unnecessary.

2) Only enable WAN access to management interfaces that you need to access remotely.

3) In Security > Firewall enable the firewall (if available) and create a WAN-WAN/Router firewall rule to restrict the source IP addresses that can access the router’s management interface(s) from the WAN. Customers with model that have no firewall should contact ZyXEL directly.