Almost no surprise they are all third world, still scary in a sense. Might just have to rethink a blacklist strategy for traffic originating behind those locations.
-- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume. > On Jul 10, 2020, at 15:30, blakan...@gmail.com wrote: > > Well here are a couple hundred: > > https://www.shodan.io/search?query=Command+Line+Interface+for+EPON+System > > -Keith > > Mel Beckman wrote on 7/10/2020 1:07 PM: > >> Perhaps you’re confusing OLT with ONT? An OLT is a “curbside” distribution >> node, the ONT is the CPE. The vulnerability is in the distribution node, not >> the CPE. No provider with any sense exposes their distribution node admin >> interface to the Internet. >> >> -mel via cell >> >>> On Jul 10, 2020, at 1:01 PM, m...@beckman.org wrote: >>> >>> The “WAN” port of an OLT _is_ it’s management port. Data, IPTV, and VoIP >>> traffic pass on VLANs, typically encrypted. These are passive optical >>> network (PON) devices, where all CPE in a group of, say, 32 premises >>> receive the same light via an optical splitter. Thus network partitioning >>> is a requirement of the architecture. There is no concept of a traditional >>> “WAN” port facing the Internet. >>> >>> -mel via cell >>> >>>> On Jul 10, 2020, at 12:21 PM, Owen DeLong <o...@delong.com> wrote: >>>> >>>> >>>> Um, from the article it appears that this isn’t on the Management >>>> interface, but the WAN port of the OLT. >>>> >>>> Owen >>>> >>>> >>>>> On Jul 10, 2020, at 11:01 , Mel Beckman <m...@beckman.org> wrote: >>>>> >>>>> But who, who I ask, opens their management interface to the public >>>>> Internet?!?! >>>>> >>>>> Maybe this is vulnerability if you have a compromised management network, >>>>> but anybody who opens CPE up to the Internet is just barking mad :-) >>>>> >>>>> -mel via cell >>>>> >>>>>> On Jul 10, 2020, at 10:00 AM, Owen DeLong <o...@delong.com> wrote: >>>>>> >>>>>> >>>>>> https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/?ftag=TRE-03-10aaa6b&bhid=29077120342825113007211255328545&mid=12920625&cid=2211510872 >>>>>> >>>>>> Wow… Just wow. >>>>>> >>>>>> Owen >>>>>> >>>> >
smime.p7s
Description: S/MIME cryptographic signature