dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
9888
share rss forum feed


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to David

Re: Fair warning! 3rd party purchase of U-verse IPDSLAM modem

Appreciate the information, as now I'll know why my modem might not work next week.

Still wish AT&T would be more accepting of the third-party market. Not only does it save the customer some money (making them happier), it's also less wasteful. Tons of AT&T modems are sitting around in closets unused because they try to force brand new equipment on everyone.
--
University of Southern California - Fight On!



brg

join:2001-01-03
Chicago, IL
kudos:1

1 recommendation

reply to David

Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...



NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

said by brg:

Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...


--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9
Reviews:
·AT&T U-Verse
reply to brg

said by brg:

Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...

Agreed.

David is a great help to a many people

ipman

join:2010-08-31
San Jose, CA
reply to David

any ideas when does the NEW certificate expires? I guess the modem was designed by Mayans?



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to David

Well crap. Just got my modem and it has 7.8.7r9.

If it's just a matter of new firmware, why can't AT&T post the firmware file for 7.8.7r27 so we can connect? Does anybody know where to get the firmware?
--
University of Southern California - Fight On!



DataRiker
Premium
join:2002-05-19
00000

said by Thinkdiff:

Well crap. Just got my modem and it has 7.8.7r9.

If it's just a matter of new firmware, why can't AT&T post the firmware file for 7.8.7r27 so we can connect? Does anybody know where to get the firmware?

Rethink possible.

They could have just posted it online for download, but then they wouldn't be the most anti consumer obsolete relic of a monopoly would they


DesertRats
Premium
join:2003-11-23
Santa Clarita, CA
reply to David

Just to clear the mud in my mind am I correct that if I were to get a 2210-02-1ATT with firmware version 7.8.7r27 I would be able to replace my NVG510 and use my old router?

Would it be plug and play or will it require re authorization or something?

As others have said thanks for your info. and help.



ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9
Reviews:
·AT&T U-Verse

said by DesertRats:

Just to clear the mud in my mind am I correct that if I were to get a 2210-02-1ATT with firmware version 7.8.7r27 I would be able to replace my NVG510 and use my old router?

Would it be plug and play or will it require re authorization or something?

As others have said thanks for your info. and help.

If it has the current firmware, it would work to replace an NVG510. It would be plug and play. As long as it is a good modem, it should work

No promises or warranties though on equipment acquired from sources other than from AT&T

alex14464

join:2004-11-11
Bonne Terre, MO

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it



ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9
Reviews:
·AT&T U-Verse

said by alex14464:

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it

I agree, there has to be a way to get it.

Is it possible to rip it out of a current updated 2210?


DataRiker
Premium
join:2002-05-19
00000

said by ILpt4U:

said by alex14464:

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it

I agree, there has to be a way to get it.

Is it possible to rip it out of a current updated 2210?

Generally dumping firmware on modems is no easy task. Usually need an exploit, so I would say unlikely.


ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9
Reviews:
·AT&T U-Verse

Next question then:

David notes that the firmware is still being pushed to active devices on the network that have the old firmware (key word: devices already active)

That says to me that somewhere on an AT&T server that firmware is sitting there to download...

That firmware has to have a location... a URL, an IP, something...



DataRiker
Premium
join:2002-05-19
00000
reply to David

me thinks it would be easier to put an non updated model live with a packet trapper in the middle ( any linux box with two ethernet ports should be apt )

Should be able to isolate the file that way.

The fact that you have to do that is ridiculous.



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to ILpt4U

Obviously, AT&T could just release the firmware update. But they won't because they want that $100 modem fee and don't care about screwing over the customer.

I'm debating whether or not to dump the contents of the memory chip in the modem and try to locate the certificate. I suppose I'd need an updated 2210 to extract the correct cert (or maybe I can get it from the NVG510 they're sending me).
--
University of Southern California - Fight On!



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to DataRiker

said by DataRiker:

me thinks it would be easier to put an non updated model live with a packet trapper in the middle ( any linux box with two ethernet ports should be apt )

Should be able to isolate the file that way.

The fact that you have to do that is ridiculous.

The issue is you'd have to sniff the DSL packets/frames (which are presumably encrypted, causing this problem in the first place) because you won't see the activity on the LAN side of the modem.
--
University of Southern California - Fight On!


DataRiker
Premium
join:2002-05-19
00000

Yes your right the wan traffic would be encrypted certainly.

I didn't think it through



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to David

Not that it needs any more confirmation, but my DSL was activated today and, as expected, the 2210 doesn't work. Fails at authentication.

Still not sure how much effort I want to put into fixing this. Might just purchase a NVG510 off eBay for now until I have more time.

Certainly doesn't leave a good taste in my mouth as a new customer, not that I liked AT&T much to begin with.
--
University of Southern California - Fight On!



life

@sbcglobal.net
reply to Thinkdiff

Hey man, you're ic Cali, right?? Simply find a forum over at UCal/Berkeley and talk to some linux/unix geeks.. .. .. problem solved. someone over there will at least be able to point you to how to access/program the darn thing from command line; if you're so inclined. take care. Have A Healthy, Prosperous Day!
---out here.. .. ..
---10th SFG(A) --> 'kill 'em all....let god sort 'em out!"



DataRiker
Premium
join:2002-05-19
00000

said by life :

Hey man, you're ic Cali, right?? Simply find a forum over at UCal/Berkeley and talk to some linux/unix geeks.. .. .. problem solved. someone over there will at least be able to point you to how to access/program the darn thing from command line; if you're so inclined. take care. Have A Healthy, Prosperous Day!
---out here.. .. ..
---10th SFG(A) --> 'kill 'em all....let god sort 'em out!"

No.

If it were just a matter of linux I could certainly help you out. Most modems have the firmware tightly locked.

Although I don't own nor have ever used this modem, so I could be wrong.


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to life

I'm a graduate student at USC in Computer Engineering, so I think I can handle getting into the router on my own

It's just a question of whether or not I want to spend time doing that. I purchased a NVG510 off eBay for $10, so that will probably lessen my desire to break into the 2210.
--
University of Southern California - Fight On!



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11

1 edit
reply to DataRiker

said by DataRiker:

No.

If it were just a matter of linux I could certainly help you out. Most modems have the firmware tightly locked.

Although I don't own nor have ever used this modem, so I could be wrong.

I'm thinking there are a number of ways into this thing:

1. It as a built-in, but disabled, Telnet server. If I could activate the telnet server, it seems like changing out the cert is straightforward (from the Netopia manual for the generic 2210).

2. It probably has either a JTAG or COM interface (or both). I popped it open, but didn't find any locations on the board that screamed JTAG/COM to me. There are a number of highlighted test points (one group of 7, another group of 3). I'm thinking there could be something there.

3. Dump the whole filesystem, find the cert, and replace it/reflash the memory

Unfortunately 1 and 3 require reading out the memory chip, which is definitely possible, but the setup time could be extensive. 2 is easy if you get lucky and find the interface you're looking for quickly, but that's a long shot. It'd be better if I could find a datasheet for the Infineon psb7100 chip inside the modem, but I haven't found one.

Edit: some more digging turned up that the PSB 7100 is based on an old TI AR7 design, which does have a UART interface. No idea if that interface has stuck around in the Infineon branded chips, but it seems like a good place to start.
--
University of Southern California - Fight On!

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

If you have the new cert, yes. But that's the problem... you'd have to "hack" one that works to get it's cert to fix the one that doesn't. And if you have one that works, you don't need to do any of this.

(BTW, there are ways to get the serial console / telnet access enabled on the NVG. Retreiving the cert, is another matter.)



DataRiker
Premium
join:2002-05-19
00000

said by cramer:

If you have the new cert, yes. But that's the problem... you'd have to "hack" one that works to get it's cert to fix the one that doesn't. And if you have one that works, you don't need to do any of this.

(BTW, there are ways to get the serial console / telnet access enabled on the NVG. Retreiving the cert, is another matter.)

Exactly


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to cramer

Click for full size
Success
--
University of Southern California - Fight On!


ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9

Any details on how said success has been attained?



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11

I'll throw together a quick tutorial when I have some time over the next few days. To summarize: copy AT&T/Moto root CA certs from NVG510, activate telnet on the 2210, install new certs, reboot.

It's actually a good thing AT&T sent me a NVG510. It's much easier to get the CA certs from it compared to the 2210.
--
University of Southern California - Fight On!



ILpt4U
Premium
join:2006-11-12
Lisle, IL
kudos:9

Has your 2210, now that it has connected, tried to download the new firmware yet?

The process seems fairly straight forward -- well done =)



Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to David

Not sure if this is allowed. If it isn't, mods you can remove it or ATT people, PM me and I will take it down ASAP.

Here's what I believe to be the 7.8.7r27 firmware for the 2210.

MD5 (nta787r27_attsw.bin) = 715b2b5d3071731fffbb91ca686a5377

WARNING: I have NOT tested this. I have no idea if it works. I have no idea if it will brick your modem. I have no idea if it will allow your outdated 2210 to get online. You use this completely at your own risk.
That being said, if you try it and it works, let me know
--
University of Southern California - Fight On!


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to ILpt4U

said by ILpt4U:

Has your 2210, now that it has connected, tried to download the new firmware yet?

The process seems fairly straight forward -- well done =)

I finally let the modem stay online for more than a few seconds tonight (I pulled the plug the other day after seeing authentication pass so it wouldn't update). It connected to the ATT CWMP server, received a config file (I think), then it downloaded the firmware file. All this occurred within 30 seconds of the modem being online.

About a minute later, it flashed the firmware file and automatically rebooted into 7.8.7r27.
--
University of Southern California - Fight On!