PDA

View Full Version : Router access



tut
12-04-2017, 08:29 AM
Can an ISP access ones computer through your modem?

pctek
12-04-2017, 09:10 AM
No

wainuitech
12-04-2017, 09:17 AM
They can see the Router, and what make / model it is. How much further they can see not to sure.

Been several times when at customers places talking to Vodafone, they have said (as an example) can you please plug in our Modem/router as the Netgear ??????? that's connected at the moment they don't offer support, only their own supplied.

Certainly no one told them what make or model of Modem/router was attached.

tut
12-04-2017, 10:07 AM
Thanks. I have a 'friend' that found a keylogger on his laptop. Through something he got involved in America he is sure his computer is being is being monitored especially emails.

No one has had access to his computer that he knows of so is just wondering.

1101
12-04-2017, 12:24 PM
sounds like tinfoil hat stuff to me.

Keyloggers etc almost allways come via user stupidity . Then just so easy to blame someone else .
Download that crack & keygen, go to those dodgy sites, share those joke emails :banana

ISP's do have backdoor access to ISP supplied routers . That wont give direct access to PC's

Many routers still have the default password, allowing anyone on the internet to login to the router (mainly older routers) & change DNS etc.
it is in theory possible to open ports on the router , then brute force RDP into the PC.

All highly unlikely . Its easier to sneak into your house & just copy the hard drive . :badpc:

Kame
12-04-2017, 06:41 PM
ISP have access to their supplied modem/router using the TR-069 protocol/CWMP.

tut
12-04-2017, 08:26 PM
Thanks Kame.
I googled the protocol you mentioned and found this.

http://www.pcworld.com/article/2463480/many-home-routers-supplied-by-isps-can-be-compromised-en-masse-researchers-say.html

Below is an excerpt from the web page

Many customers likely don’t know that their ISPs have this level of control over their routers, especially since custom firmware running on them often hides the TR-069 settings page in the router administration interface, Tal said. Even if the owner knows about this remote management service, most of the time there is no option to disable it, he said.

If an attacker compromises an ACS he could obtain information from the managed routers like wireless network names, hardware MAC addresses, voice-over-IP credentials, administration usernames and passwords. He could also configure the router to use a rogue DNS server, to pass the entire traffic Internet through a rogue tunnel, set up a hidden wireless network or remove the security password from the existing network. Even worse, he could upgrade the firmware on the devices with a rogue version that contains malware or a backdoor.

Would anyone care to comment about this.

Kame
12-04-2017, 09:02 PM
tut,

Unless the information you send over the internet is encrypted an ISP can eavesdrop on everything.

The only reason for a keylogger would be to grab passwords for other areas they be interested in knowing more about.

I wouldn't jump to the conclusion that the ISP did this. It seems more an inside job with physical access. You would need to allow a keylogger through your antivirus. If this keylogger phones home, you need to let it through your firewall. Both tasks aren't easy to do remotely.

Unless this person is of high interest, there could be many working against him.

If he is concerned, he needs to look at privatising everything he does.

Chilling_Silence
13-04-2017, 01:26 PM
Why would they want a keylogger when all your data goes through them anyways? Anything unencrypted can theoretically be viewed by them.
Why would they want to though? So they can get your pressf1 login?

As others have mentioned, it's far, far easier for a user to get a keylogger from another rogue method, such as they were going to some dodgy pr0n site, trying to watch movies illegally and it presented them with malware to 'watch' it with, stuff like that.

Also, Windows doesn't just "accept" programs remotely, they've still got to have administrative credentials on your PC in order to even attempt anything, even IF they were tunneling through your router.

Very tin-foil hat, holds basically no weight, user is just blaming their ISP for their own stupidity IMO.

1101
13-04-2017, 03:07 PM
Would anyone care to comment about this.

Yes.
Disconnect from the internet . :)

The more common , real world issues are old (and new) routers with UNPATCHED security holes, old routers with the default login/pass & default that allows admin
access from the internet. All the Internet attached hardware with security holes that will never get patched

Thats your real world issue . People getting there webcams, security cams, NAS devices, old routers, hacked into . Still, hardly ever happens given the no of
these devices out there

tut
15-04-2017, 11:48 AM
Many thanks for the replies. I found the comments both interesting and informative.
I don't look good in a tinfoil hat so am going to disconnect from the internet and put the lappy away.

As an aside I am having trouble with my smart phone. My eyesight is going and need something with a bigger screen.
Does anyone have a 10" tablet they might like to sell me cheap. I have been looking at tablets on Trademe but there is so many in my price range that I am not willing to take a gamble on getting some real crap.
A while ago I bought a $66 dollar Laser tablet to see what the size was like. It was good but very basic so I invested in a much more expensive HP.
What a heap of s##t it turned out to be and last week it got binned, The $66 laser is still chugging away.
.