dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
11297

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to David

MVM,

to David

Re: Fair warning! 3rd party purchase of U-verse IPDSLAM modem

Appreciate the information, as now I'll know why my modem might not work next week.

Still wish AT&T would be more accepting of the third-party market. Not only does it save the customer some money (making them happier), it's also less wasteful. Tons of AT&T modems are sitting around in closets unused because they try to force brand new equipment on everyone.

brg
Premium Member
join:2001-01-03
Chicago, IL

1 recommendation

brg to David

Premium Member

to David
Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by brg:

Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...


ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO
ARRIS TM822
Asus RT-N66

ILpt4U to brg

Premium Member

to brg
said by brg:

Folks, David did us all a big favor posting relevant information. Don't shoot the messenger. And don't try to pin him down on -- or pin on him -- corporate decisions that he had nothing to do with...

Agreed.

David is a great help to a many people
ipman
join:2010-08-31
San Jose, CA

ipman to David

Member

to David
any ideas when does the NEW certificate expires? I guess the modem was designed by Mayans?

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to David

MVM,

to David
Well crap. Just got my modem and it has 7.8.7r9.

If it's just a matter of new firmware, why can't AT&T post the firmware file for 7.8.7r27 so we can connect? Does anybody know where to get the firmware?

DataRiker
Premium Member
join:2002-05-19
00000

2 recommendations

DataRiker

Premium Member

said by Thinkdiff:

Well crap. Just got my modem and it has 7.8.7r9.

If it's just a matter of new firmware, why can't AT&T post the firmware file for 7.8.7r27 so we can connect? Does anybody know where to get the firmware?

Rethink possible.

They could have just posted it online for download, but then they wouldn't be the most anti consumer obsolete relic of a monopoly would they

DesertRats
Premium Member
join:2003-11-23
Santa Clarita, CA

DesertRats to David

Premium Member

to David
Just to clear the mud in my mind am I correct that if I were to get a 2210-02-1ATT with firmware version 7.8.7r27 I would be able to replace my NVG510 and use my old router?

Would it be plug and play or will it require re authorization or something?

As others have said thanks for your info. and help.

ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO
ARRIS TM822
Asus RT-N66

ILpt4U

Premium Member

said by DesertRats:

Just to clear the mud in my mind am I correct that if I were to get a 2210-02-1ATT with firmware version 7.8.7r27 I would be able to replace my NVG510 and use my old router?

Would it be plug and play or will it require re authorization or something?

As others have said thanks for your info. and help.

If it has the current firmware, it would work to replace an NVG510. It would be plug and play. As long as it is a good modem, it should work

No promises or warranties though on equipment acquired from sources other than from AT&T
alex14464
join:2004-11-11
Bonne Terre, MO

alex14464

Member

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it

ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO
ARRIS TM822
Asus RT-N66

ILpt4U

Premium Member

said by alex14464:

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it

I agree, there has to be a way to get it.

Is it possible to rip it out of a current updated 2210?

DataRiker
Premium Member
join:2002-05-19
00000

DataRiker

Premium Member

said by ILpt4U:

said by alex14464:

there has to be a way to get this firmware somehow? like the 2wire 2700 i had, took me a wile to find it but got it

I agree, there has to be a way to get it.

Is it possible to rip it out of a current updated 2210?

Generally dumping firmware on modems is no easy task. Usually need an exploit, so I would say unlikely.

ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO
ARRIS TM822
Asus RT-N66

ILpt4U

Premium Member

Next question then:

David notes that the firmware is still being pushed to active devices on the network that have the old firmware (key word: devices already active)

That says to me that somewhere on an AT&T server that firmware is sitting there to download...

That firmware has to have a location... a URL, an IP, something...

DataRiker
Premium Member
join:2002-05-19
00000

DataRiker to David

Premium Member

to David
me thinks it would be easier to put an non updated model live with a packet trapper in the middle ( any linux box with two ethernet ports should be apt )

Should be able to isolate the file that way.

The fact that you have to do that is ridiculous.

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to ILpt4U

MVM,

to ILpt4U
Obviously, AT&T could just release the firmware update. But they won't because they want that $100 modem fee and don't care about screwing over the customer.

I'm debating whether or not to dump the contents of the memory chip in the modem and try to locate the certificate. I suppose I'd need an updated 2210 to extract the correct cert (or maybe I can get it from the NVG510 they're sending me).
Thinkdiff

Thinkdiff to DataRiker

MVM,

to DataRiker
said by DataRiker:

me thinks it would be easier to put an non updated model live with a packet trapper in the middle ( any linux box with two ethernet ports should be apt )

Should be able to isolate the file that way.

The fact that you have to do that is ridiculous.

The issue is you'd have to sniff the DSL packets/frames (which are presumably encrypted, causing this problem in the first place) because you won't see the activity on the LAN side of the modem.

DataRiker
Premium Member
join:2002-05-19
00000

DataRiker

Premium Member

Yes your right the wan traffic would be encrypted certainly.

I didn't think it through

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to David

MVM,

to David
Not that it needs any more confirmation, but my DSL was activated today and, as expected, the 2210 doesn't work. Fails at authentication.

Still not sure how much effort I want to put into fixing this. Might just purchase a NVG510 off eBay for now until I have more time.

Certainly doesn't leave a good taste in my mouth as a new customer, not that I liked AT&T much to begin with.

life
@sbcglobal.net

life to Thinkdiff

Anon

to Thinkdiff
Hey man, you're ic Cali, right?? Simply find a forum over at UCal/Berkeley and talk to some linux/unix geeks.. .. .. problem solved. someone over there will at least be able to point you to how to access/program the darn thing from command line; if you're so inclined. take care. Have A Healthy, Prosperous Day!
---out here.. .. ..
---10th SFG(A) --> 'kill 'em all....let god sort 'em out!"

DataRiker
Premium Member
join:2002-05-19
00000

DataRiker

Premium Member

said by life :

Hey man, you're ic Cali, right?? Simply find a forum over at UCal/Berkeley and talk to some linux/unix geeks.. .. .. problem solved. someone over there will at least be able to point you to how to access/program the darn thing from command line; if you're so inclined. take care. Have A Healthy, Prosperous Day!
---out here.. .. ..
---10th SFG(A) --> 'kill 'em all....let god sort 'em out!"

No.

If it were just a matter of linux I could certainly help you out. Most modems have the firmware tightly locked.

Although I don't own nor have ever used this modem, so I could be wrong.

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to life

MVM,

to life
I'm a graduate student at USC in Computer Engineering, so I think I can handle getting into the router on my own

It's just a question of whether or not I want to spend time doing that. I purchased a NVG510 off eBay for $10, so that will probably lessen my desire to break into the 2210.
Thinkdiff

1 edit

Thinkdiff to DataRiker

MVM,

to DataRiker
said by DataRiker:

No.

If it were just a matter of linux I could certainly help you out. Most modems have the firmware tightly locked.

Although I don't own nor have ever used this modem, so I could be wrong.

I'm thinking there are a number of ways into this thing:

1. It as a built-in, but disabled, Telnet server. If I could activate the telnet server, it seems like changing out the cert is straightforward (from the Netopia manual for the generic 2210).

2. It probably has either a JTAG or COM interface (or both). I popped it open, but didn't find any locations on the board that screamed JTAG/COM to me. There are a number of highlighted test points (one group of 7, another group of 3). I'm thinking there could be something there.

3. Dump the whole filesystem, find the cert, and replace it/reflash the memory

Unfortunately 1 and 3 require reading out the memory chip, which is definitely possible, but the setup time could be extensive. 2 is easy if you get lucky and find the interface you're looking for quickly, but that's a long shot. It'd be better if I could find a datasheet for the Infineon psb7100 chip inside the modem, but I haven't found one.

Edit: some more digging turned up that the PSB 7100 is based on an old TI AR7 design, which does have a UART interface. No idea if that interface has stuck around in the Infineon branded chips, but it seems like a good place to start.
cramer
Premium Member
join:2007-04-10
Raleigh, NC
Westell 6100
Cisco PIX 501

cramer

Premium Member

If you have the new cert, yes. But that's the problem... you'd have to "hack" one that works to get it's cert to fix the one that doesn't. And if you have one that works, you don't need to do any of this.

(BTW, there are ways to get the serial console / telnet access enabled on the NVG. Retreiving the cert, is another matter.)

DataRiker
Premium Member
join:2002-05-19
00000

DataRiker

Premium Member

said by cramer:

If you have the new cert, yes. But that's the problem... you'd have to "hack" one that works to get it's cert to fix the one that doesn't. And if you have one that works, you don't need to do any of this.

(BTW, there are ways to get the serial console / telnet access enabled on the NVG. Retreiving the cert, is another matter.)

Exactly

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to cramer

MVM,

to cramer
Click for full size
Success

ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO

ILpt4U

Premium Member

Any details on how said success has been attained?

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff

MVM,

I'll throw together a quick tutorial when I have some time over the next few days. To summarize: copy AT&T/Moto root CA certs from NVG510, activate telnet on the 2210, install new certs, reboot.

It's actually a good thing AT&T sent me a NVG510. It's much easier to get the CA certs from it compared to the 2210.

ILpt4U
Premium Member
join:2006-11-12
Saint Louis, MO

ILpt4U

Premium Member

Has your 2210, now that it has connected, tried to download the new firmware yet?

The process seems fairly straight forward -- well done =)

Thinkdiff
MVM,
join:2001-08-07
Bronx, NY

Thinkdiff to David

MVM,

to David
Not sure if this is allowed. If it isn't, mods you can remove it or ATT people, PM me and I will take it down ASAP.

Here's what I believe to be the 7.8.7r27 firmware for the 2210.

MD5 (nta787r27_attsw.bin) = 715b2b5d3071731fffbb91ca686a5377

WARNING: I have NOT tested this. I have no idea if it works. I have no idea if it will brick your modem. I have no idea if it will allow your outdated 2210 to get online. You use this completely at your own risk.
That being said, if you try it and it works, let me know
Thinkdiff

Thinkdiff to ILpt4U

MVM,

to ILpt4U
said by ILpt4U:

Has your 2210, now that it has connected, tried to download the new firmware yet?

The process seems fairly straight forward -- well done =)

I finally let the modem stay online for more than a few seconds tonight (I pulled the plug the other day after seeing authentication pass so it wouldn't update). It connected to the ATT CWMP server, received a config file (I think), then it downloaded the firmware file. All this occurred within 30 seconds of the modem being online.

About a minute later, it flashed the firmware file and automatically rebooted into 7.8.7r27.