| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 58625 | 2005-06-06 21:35:00 | Heads Up: DSL Router Vulnerability. | Murray P (44) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 361758 | 2005-06-07 05:02:00 | similar to the Dynalink bug that allowed anyone caring to have a casual look, to access the routers settings including firmware. That's not just a user issue but a bug in the software. Sounds similar to he vulnerability currently affecting the DSL-504T (secunia.com) range |
b1naryb0y (3) | ||
| 361759 | 2005-06-07 08:51:00 | Most of them have the login and password as **** we all know what. Should be common sense to chnage it. In fact most documentation I have seen for various brands tell you to chnage it. Guess most peole don't even RTFM. |
pctek (84) | ||
| 361760 | 2005-06-07 08:53:00 | nope manuals are for n00bs | Codex (3761) | ||
| 361761 | 2005-06-07 09:50:00 | I can confirm that my DLink 504g had port 80 open to the outside world by default. Was quite a surprise. They shouldn't even be allowing it to run on port 80. | bmason (508) | ||
| 361762 | 2005-06-07 10:05:00 | Oh pullease, spare us all the self righteousness this thread is descending into, and "noob" stereotyping. I thought PressF1 had started to leave that behind in recent weeks. I did RTFM at the time, and did see that instruction (or something like). I had both a hardware and software firewall turned on so didn't see much point in changing the default user name and password at the time - the priority then was to get the router set up and working. Two years down the track and no intrusions. I just didn't choose to join Paranoics Anonymous at the time. PS this is not a reply to bmason. |
John H (8) | ||
| 361763 | 2005-06-07 10:17:00 | Was out wardriving last weekend and was totally amazed, not by how many hotspots we found but by the amount that weren't locked down. A quick look at what sought of router being displayed and using the default usename and password and wham we are in. Didn't do anything nasty besides surfing the net and downloading a few files, checked the emails. Just tring to locate one close to home so i can get internet for free LOL P.S don't ask me how, I'm not the brains behind the operation(as some of you might of guessed) |
plod (107) | ||
| 361764 | 2005-06-07 10:43:00 | Wow - remote administering people's routers across the internet because they'd left them open with default passwords was so last year. Needless to say that anyone with a port scanner, a knowledge of the default webserver running on said router, and the ability to download a manual could do so much damage to poor unsuspecting net surfers... | Growly (6) | ||
| 361765 | 2005-06-07 13:34:00 | Wow - remote administering people's routers across the internet because they'd left them open with default passwords was so last year . Needless to say that anyone with a port scanner, a knowledge of the default webserver running on said router, and the ability to download a manual could do so much damage to poor unsuspecting net surfers . . . Not just picking on you Growly, but your post is a handy example . For all like minded posters, pull your arrogant little ego's in, shut up and listen for a second or two, long enough to absorb this . Do you stop helping because a vulnerability was common knowledge to some here last year? Because the same stupid virus or dialler has struck again, because someone has a BIOS glitch that was patched years ago but only became apparent when they installed new hardware . Maybe we shouldn't shouldn't help people who use Win98, it's so passe, were're too 1337 to bother our heads with it . This router thing is similar to others, yes . It should have been fixed when first discovered in this model, yes . A whole bunch of routers are shipping that do not have the firmware patch to fix it, yes . There are other models with a similar problem that have just been discovered, yes . People will be caught out by this, yes . So what's your freakin problem, apart from the fact you can't be bothered anymore! If you made it this far, congratulations on your improving attention deficit . If you didn't, you won't mind me telling you to go take a flying . . . . . . . . head |
Murray P (44) | ||
| 361766 | 2005-06-08 06:05:00 | Are the D-LINK modems that XTRA ship affected? I currently use a Dynalink RTA770W, and that doesn't have any ports open on the WAN side for access (Telnet, HTTP etc), so is very secure. I also changed the Web Admin Login name and Password to stop any LAN access to the configuration. |
Dragonslayer (512) | ||
| 361767 | 2005-06-08 06:24:00 | Wow - remote administering people's routers across the internet because they'd left them open with default passwords was so last year. Needless to say that anyone with a port scanner, a knowledge of the default webserver running on said router, and the ability to download a manual could do so much damage to poor unsuspecting net surfers... well it might of been so last year, but just goes to show whats out there. |
plod (107) | ||
| 1 2 3 | |||||