| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 143967 | 2017-05-26 21:36:00 | Modem backdoor | pctek (84) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1435741 | 2017-05-26 21:36:00 | www.nzherald.co.nz "While the Vodafone support person was able to remotely access and change settings in an effort to fix the problem, the capacity for the back door to be exploited by a rogue company employee was concerning. He said the access was managed through sending a line of code to the modem which then reset it and allowed access by entering a generic password. The security expert spent $300 on new equipment to block Vodafone's access, which he says the company reimbursed him for, and raised his concerns with its security team." Ok, what new equipment? How would you block it? |
pctek (84) | ||
| 1435742 | 2017-05-26 22:10:00 | Buy a different router? or some kind of hardware firewall. I thought this was common knowledge myself, at least amongst "computer experts" |
dugimodo (138) | ||
| 1435743 | 2017-05-26 22:24:00 | I thought this was common knowledge myself, at least amongst "computer experts" Me too. |
KarameaDave (15222) | ||
| 1435744 | 2017-05-26 23:52:00 | From what I've googled most modems have a backdoor anyway, never mind the ISPs....so I was wondering what it was that cost him $300? A 3rd party router attached to the modem perhaps? | pctek (84) | ||
| 1435745 | 2017-05-27 00:17:00 | Someone wanting 5 minutes of fame again in the news media. Depending on what "modem" a person is using you may not have any choice but to use the ISP's. The ONT that gets supplied with UFB as far as I know, you have to use the One supplied by your ISP, same with Vodafones Cable and FibreX, their modem you have to use, as the MAC address is tied to their service/account, but you can use your own Router. The "modem" -- are they meaning the all in ones Modem/router ? The actual "Modem" as supplied by vodafone has no wireless capabilities at all, thats all handled through the router. Another thing, ask the average customer who uses the ISP supplied devices if they want one that does the job, or pay an additional $300 for a more secure to stop some possible backdoor look in--- We all know the answer to that ;) |
wainuitech (129) | ||
| 1435746 | 2017-05-27 02:56:00 | No one has actually answered my question. | pctek (84) | ||
| 1435747 | 2017-05-27 11:11:00 | I think the answer may not be certain, unless you want to ask him yourself. If he is on UFB then there is nothing he can do to stop his ISP from using their backdoor into his modem, as it is supplied and cannot be changed, but he can get a different router which they will not be able to get into using their backdoor. Otherwise he is just buying a different modem and/or router to the one supplied by his ISP. | Slankydudl (16687) | ||
| 1435748 | 2017-05-27 13:39:00 | Yeah that's basically it... Anything supplied by a 3rd party, who knows. I was building routers for a little while based on OpenWRT. You know how easy it is to leave your ssh pubkey in there? An / or a firewall rule that allows WAN access on a random port or from a specific IP range? They state: saying the remote access could provide a pathway to the contents of people's computers by employees of the company Right so that sounds like SSH access, coz, it's super freaking easy to do an SSH tunnel to a router or on-site device and bypass NAT. Then Spark etc confirming "remote access", it's probably just like TR069 or similar, which they can use to push a specific config out. For example the Orcon "HomeHub" or "Genius" would use TR069 to get the VoIP details based on the MAC address of the WAN port of the unit or whatever, would then pull down the SIP credentials, but technically that's still "remote access" coz they can adjust the firmware that's pushed out to your unit, including pushing out a firmware that includes XYZ vulnerability. It's not rocket science, and as others have mentioned it's certainly not unexpected amongst those who are in the industry and *definitely* reeks of somebody seeking 5 minutes of fame. Most ISP's that do it, have it so they can update firmware to address issues (For example my extended family had to have a firmware update that fixed a bug when connected to TeamSpeak), and / or manage things like a customers WiFi, where 90% of users are actually too clueless about how to get connected etc It also allows for you to re setup the customers modem remotely in the event some retard factory resets it, which happens a lot more often than you'd think... |
Chilling_Silence (9) | ||
| 1435749 | 2017-05-28 21:59:00 | The expert isnt its common knowledge ISPs add a back door its common knowledge that cheap routers & modems are notorious for being insecure, having security bugs that often dont get patched its common knowledge if you really are concerned, by a hardware firewall & DONT use ISPs modems its all BS. "the IT expert, who has experience working on IT security with intelligence agencies....." what sort of security expert doesnt know any of this, what sort of security expert uses an ISPs modem/router fake news |
1101 (13337) | ||
| 1435750 | 2017-05-28 22:20:00 | Sometimes the modem supplied by the ISP you HAVE to use, but routers are a different story :) | wainuitech (129) | ||
| 1 2 | |||||