Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Smart DSL security flaw

  • 08-05-2006 11:26am
    #1
    Closed Accounts Posts: 18,966 ✭✭✭✭


    Hi,

    I recently got Smart telecom, with the AOlynk DSL router, and while I was getting it working with my BSD box, I port scanned my public IP to see what was open. I noticed in the results that port 23 was open. I did not have a telnet server running so was surprised. I connected to it and found the remote configuration program for my router. It first had a prompt, and I put in the default username and password, and it authenticated me and logged me in. From here I could (among other things)create NAT rules for the network, so if I backdoored one of the computers in the network, I would be able to get NAT to forward the ports.

    I did not try to, but an attacker might even be able to find the WEP key through the console on wirelessly equipped routers.

    I then ping swept all the IP's in my public IP subnet, looking for port 23, and found several people with port 23 open. I would assume if they have not disabled the remote configuration, then they have not changed they router IP.

    If you have smart telecom, change your router username to something else, and if you can disable remote config altogether.

    -S-


Comments

  • Registered Users, Registered Users 2 Posts: 18,984 ✭✭✭✭kippy


    If you have smart telecom, change your router username to something else, and if you can disable remote config altogether.
    If you are using a router/networking device from any provider or manufacturer ensure you change the default username and password.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    true, but especially if you have smart.

    :D


  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    Thanks for the tip, I've changed the pwd as you recommend.

    What did you use for the scan of your ports, please? I've found one or two with google, but I don't know if they're reputable.

    Thanks.


  • Registered Users, Registered Users 2 Posts: 288 ✭✭gordonnet


    the same could also be said for eircom / magnet /ntl /chorus


  • Registered Users, Registered Users 2 Posts: 18,984 ✭✭✭✭kippy


    Not especially if you have Smart.....with all devices....
    Many of them have remote management left switched on by default-either through HTTP, HTTPS or telnet.
    Changing the password is one way of protecting your device.
    Kippy


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    Having looked a bit further, the Shields Up service at GRC looks like the real deal and not a bunch of crackers. I've not looked for this service before, would you trust the GRC people?
    http://www.grc.com/default.htm


  • Registered Users, Registered Users 2 Posts: 6,762 ✭✭✭WizZard


    edanto wrote:
    Having looked a bit further, the Shields Up service at GRC looks like the real deal and not a bunch of crackers. I've not looked for this service before, would you trust the GRC people?
    http://www.grc.com/default.htm
    Yes


  • Registered Users, Registered Users 2 Posts: 1,664 ✭✭✭rogue-entity


    Most well known DSL modems like my (no problems so far) Zyxel provide a remote management system on both Telnet and WWW. On mine if I scan my public IP from inside my network it will show p23 and p80 open, but if I run a scan from GRC, all bar (for some reason) p0 is stealth and p0 is closed.

    You should a) Change the default passwd and b) Set the remote management to LAN only (which is what I have done). You can also feel free to disable all bar the WWW management interface and change the port used by the other one (if you have two management systems like I have).


  • Registered Users, Registered Users 2 Posts: 4,676 ✭✭✭Gavin




Advertisement