Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Modem backdoor

  1. #1
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    24,212

    Default Modem backdoor

    http://www.nzherald.co.nz/business/n...ectid=11864111

    "While the Vodafone support person was able to remotely access and change settings in an effort to fix the problem, the capacity for the back door to be exploited by a rogue company employee was concerning.

    He said the access was managed through sending a line of code to the modem which then reset it and allowed access by entering a generic password.

    The security expert spent $300 on new equipment to block Vodafone's access, which he says the company reimbursed him for, and raised his concerns with its security team."


    Ok, what new equipment?

    How would you block it?
    wipe your paws.

  2. #2
    amateur expert dugimodo's Avatar
    Join Date
    Dec 2005
    Posts
    8,061

    Default Re: Modem backdoor

    Buy a different router? or some kind of hardware firewall.

    I thought this was common knowledge myself, at least amongst "computer experts"
    Ryzen 2700X, 16Gb DDR4RAM, 512GB M.2 NVME SSD, MSI GTX1070

  3. #3
    Apple free in Appleby KarameaDave's Avatar
    Join Date
    Sep 2009
    Location
    Near Drummond, Southland
    Posts
    5,010

    Default Re: Modem backdoor

    Quote Originally Posted by dugimodo View Post
    I thought this was common knowledge myself, at least amongst "computer experts"
    Me too.
    FTW

  4. #4
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    24,212

    Default Re: Modem backdoor

    From what I've googled most modems have a backdoor anyway, never mind the ISPs....so I was wondering what it was that cost him $300? A 3rd party router attached to the modem perhaps?
    wipe your paws.

  5. #5
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,112

    Default Re: Modem backdoor

    Someone wanting 5 minutes of fame again in the news media.

    Depending on what "modem" a person is using you may not have any choice but to use the ISP's. The ONT that gets supplied with UFB as far as I know, you have to use the One supplied by your ISP, same with Vodafones Cable and FibreX, their modem you have to use, as the MAC address is tied to their service/account, but you can use your own Router.

    The "modem" -- are they meaning the all in ones Modem/router ? The actual "Modem" as supplied by vodafone has no wireless capabilities at all, thats all handled through the router.

    Another thing, ask the average customer who uses the ISP supplied devices if they want one that does the job, or pay an additional $300 for a more secure to stop some possible backdoor look in--- We all know the answer to that
    Last edited by wainuitech; 27-05-2017 at 11:20 AM.

  6. #6
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    24,212

    Default Re: Modem backdoor

    No one has actually answered my question.
    wipe your paws.

  7. #7
    Senior Member Slankydudl's Avatar
    Join Date
    Jan 2012
    Location
    Wellington
    Posts
    885

    Default Re: Modem backdoor

    I think the answer may not be certain, unless you want to ask him yourself. If he is on UFB then there is nothing he can do to stop his ISP from using their backdoor into his modem, as it is supplied and cannot be changed, but he can get a different router which they will not be able to get into using their backdoor. Otherwise he is just buying a different modem and/or router to the one supplied by his ISP.
    | Intel i5 2500k @ 4.5Ghz | Hyper 212 evo CPU cooler | Corsair vengance 12gb 1600Mhz | EVGA 1070 FTW | 60gb SSD + 500gb SSD + 2x WD black 1tb HDD | Asus P8Z68-V/GEN3 | Corsair AX850w | Corsair 600t white |

  8. #8
    Where is Metla these days Chilling_Silence's Avatar
    Join Date
    Dec 2004
    Location
    Auckland
    Posts
    17,146

    Default Re: Modem backdoor

    Yeah that's basically it... Anything supplied by a 3rd party, who knows.
    I was building routers for a little while based on OpenWRT. You know how easy it is to leave your ssh pubkey in there? An / or a firewall rule that allows WAN access on a random port or from a specific IP range?

    They state:
    saying the remote access could provide a pathway to the contents of people's computers by employees of the company
    Right so that sounds like SSH access, coz, it's super freaking easy to do an SSH tunnel to a router or on-site device and bypass NAT.

    Then Spark etc confirming "remote access", it's probably just like TR069 or similar, which they can use to push a specific config out. For example the Orcon "HomeHub" or "Genius" would use TR069 to get the VoIP details based on the MAC address of the WAN port of the unit or whatever, would then pull down the SIP credentials, but technically that's still "remote access" coz they can adjust the firmware that's pushed out to your unit, including pushing out a firmware that includes XYZ vulnerability. It's not rocket science, and as others have mentioned it's certainly not unexpected amongst those who are in the industry and *definitely* reeks of somebody seeking 5 minutes of fame.

    Most ISP's that do it, have it so they can update firmware to address issues (For example my extended family had to have a firmware update that fixed a bug when connected to TeamSpeak), and / or manage things like a customers WiFi, where 90% of users are actually too clueless about how to get connected etc
    It also allows for you to re setup the customers modem remotely in the event some retard factory resets it, which happens a lot more often than you'd think...
    I mostly do Bitcoin & DigiByte things these days, feel free to say hi on Twitter: https://twitter.com/dgb_chilling

    Before you ask a question here, or before you get upset by a response, see here:
    http://www.catb.org/~esr/faqs/smart-...ons.html#intro

  9. #9
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,099

    Default Re: Modem backdoor

    The expert isnt

    its common knowledge ISPs add a back door
    its common knowledge that cheap routers & modems are notorious for being insecure, having security bugs that often dont get patched
    its common knowledge if you really are concerned, by a hardware firewall & DONT use ISPs modems

    its all BS.
    "the IT expert, who has experience working on IT security with intelligence agencies....."
    what sort of security expert doesnt know any of this, what sort of security expert uses an ISPs modem/router

    fake news

  10. #10
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,112

    Default Re: Modem backdoor

    Sometimes the modem supplied by the ISP you HAVE to use, but routers are a different story

Similar Threads

  1. Vulnerability / backdoor in some Dlink modem/routers
    By Speedy Gonzales in forum PC World Chat
    Replies: 7
    Last Post: 22-10-2013, 09:42 PM
  2. backdoor lite
    By Noel in forum PressF1
    Replies: 3
    Last Post: 03-09-2004, 01:27 PM
  3. Backdoor.agent.B
    By j.w.knowles in forum PressF1
    Replies: 6
    Last Post: 31-07-2004, 07:36 PM
  4. Backdoor Livup.E
    By bbxian in forum PressF1
    Replies: 5
    Last Post: 01-05-2004, 04:15 PM
  5. backdoor.sdbot
    By veterannz in forum PressF1
    Replies: 2
    Last Post: 31-07-2003, 06:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •