Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Ethernet port on UPC digital recorder box

  • 29-01-2009 8:19pm
    #1
    frisket
    Registered Users, Registered Users 2 Posts: 143 ✭✭


    The diagnostics page on my UPC box says that the Ethernet port has picked up a DHCP IP address (currently 192.168.1.13), and indeed I can ping it. [edited: I thought earlier it was a fixed IP address but it's not].

    But what runs here? There's no response on port 80 or 8080, or 22 or 23 (or 161, as suggested by a Dutch site which claimed it ran SNMP).

    This is a Thomson box, h/w v.62UPC01 and s/w v.3.5.0.2

    Any thoughts/suggestions?


Comments

  • #2
    frisket
    Registered Users, Registered Users 2 Posts: 143 ✭✭frisket


    frisket wrote: »
    But what runs here?

    Uhuh. Leaving it plugged in was A Bad Idea. By the look of it, it got botnetted overnight. One of the computers on my network was unable to access the Internet this morning: every web page was replaced by a neatly-formatted login screen. The modem lights were blinking like crazy, so we unplugged it, and the other machine returned to normal operation after a reboot. It looks as if whatever infected the UPC box was acting as a fake DNS and gateway, as well as serving whatever it's been serving.

    In itself this isn't critical, as the other machines are all firewalled, and connecting the UPC box was just done out of curiosity. But that box is now infected, and while the TV operation appears unaffected, I'd be interested in knowing what it was and how to get rid of it. There is a USB socket as well: I'll try plugging this into a sacrificial standalone host. Does anyone know if the disk is accessible this way?


  • #3
    iMax
    Closed Accounts Posts: 3,489 ✭✭✭iMax


    Sorry, can't offer any advice, want to subscribe out of curiosity


  • #4
    Clareman
    Moderators, Sports Moderators, Regional Midwest Moderators Posts: 24,028 Mod ✭✭✭✭Clareman


    I would imagine that your network mightn't be configured 100% correctly to say a client can take control like that. I would install DameWare and try connect to the machine through that, you'll see a lot with that ;) with that or get a port scanner to scan the whole lot of it


  • #5
    Kensington
    Closed Accounts Posts: 3,683 ✭✭✭Kensington


    The box has a built in cable modem, so if UPC wanted, they could use the UPC box to allow customers to get their broadband through this Ethernet port. At the moment, they don't seem to be doing this, so the login screen you saw was probably the box trying to get details to connect up to UPCs network (was it asking for an SID by any chance?) as the box wouldn't have broadband activated on it. Since the boxes run proprietary software I doubt a botnet would be an issue.


Advertisement