Re: ARTICLE - openwrt/dd-wrt based modem/router vulnerability?
Tom Wittbrodt wrote: > I admit I didn't read the fine print when I signed up with Verizon for > DSL service but I wasn't aware the company providing my DSL service > could push changes like this to my router without my involvement. For what it might be worth, when I signed up for Speakeast DSL, they had the option of the customer taking control of the CPE. It technically voided any support of it the company was obliged to give (they did still give support in practice), but you got FULL control. With my starting of Just Works, I was forced to use Comcast as the only viable ISP available. (No DSL service, no FIOS available, Cell WANs and Satellite systems no viable...) When I set up my Comcast Business line, I was pleasantly surprised that the support guy offered to set the modem to route my static IP straight to my WRT54GL. This gave me complete control over my connection to the outside world without having to do any extra layers of IANA reserved network space. I did a happy dance knowing I had complete control over my own network. (And no, the router is not accessible from outside... not directly at least. I set up an port forward on a non-standard port to an other SSH server internally for LAN access from outside. All passwords are at least moderately strong.) Brian -- --- | br...@datasquire.net Proprietor: http://www.JustWorksNH.com | | Computers and Web Sites that JUST WORK | | Work: +1 (603) 484-1461Home: +1 (603) 484-1469| --- ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: ARTICLE - openwrt/dd-wrt based modem/router vulnerability?
On Fri, Mar 27, 2009 at 1:07 PM, Tom Wittbrodt wrote: > I wasn't aware the company providing my DSL service > could push changes like this to my router without my involvement. From what I've seen, most telco-provided CPE has this sort of capability. (And as I always say, cable TV companies are telco's, too). DSL modem, cable modem, routers, set-top boxes, etc. If they provide it, they control it. Typically without your knowledge. Given that telco's are notorious for depending on security-by-obscurity, it wouldn't surprise me in the least to learn that this has all sorts of security problems with it. Heck, I almost expect it. For example, maybe every Verizon (FairPoint, whatever) DSL modem in NH has the same telco account password. "We don't care. We don't have to. We're the phone company." I generally always recommend putting your own firewall/router/whatever between third-party equipment and your own networks/systems. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: ARTICLE - openwrt/dd-wrt based modem/router vulnerability?
Michael ODonnell wrote: > FWIW: > >http://apcmag.com/new-worm-can-infect-home-modemrouters.htm > > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > > I'm not sure if this is in anyway related but it concerned me when it happened: Some time after Fair Point took over from Verizon, the admin pages of my VersaLink DSL router updated itself with Fair Point branding and a whole new interface without my having done anything. (I don't use these administrative pages very often, every half year or so, and was very surprised to see that it had changed when I logged in to the router last week). I admit I didn't read the fine print when I signed up with Verizon for DSL service but I wasn't aware the company providing my DSL service could push changes like this to my router without my involvement. If Fair Point can trigger this kind of update, it leaves me wondering if I've got some kind of hole through which other things could come in. -- Tom ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: ARTICLE - openwrt/dd-wrt based modem/router vulnerability?
Summary: 1) IFF your router is MIPS based (Linksys) 2) AND IF you have telnet/SSH/http open to the WAN (and wireless someday?) 3) AND IF you have one of the 6000 logins with one of the 13,000 password (week password) THEN you're vulnerable. I'd imagine it'd be easy for the bot to evolve to use the wireless to search out other routers via wireless. That would add 4) IF you don't use WPA2. 2009/3/25 Michael ODonnell > > FWIW: > > http://apcmag.com/new-worm-can-infect-home-modemrouters.htm > > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/