dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
5031
share rss forum feed

VirtualLarry
Premium
join:2003-08-01

[Networking] If someone has my router password, what can they do with it?

Is the VZ CPE back-door internet-accessable? Can someone access my router remotely, if they have the password, and upload a hacked firmware?


hok

join:2002-02-27
While the Verizon router for FiOS can be accessed from WAN side via the Internet, it must be enable this feature from LAN side of the router first via Remote Administration under Advanced tab.


nycdave
Premium,MVM
join:1999-11-16
Melville, NY
kudos:17
reply to VirtualLarry
Hacked firmware will not load on any Verizon provided BHR.


HD_Ride
Premium
join:2000-10-18
Jerseyastan
reply to hok
said by hok:

While the Verizon router for FiOS can be accessed from WAN side via the Internet, it must be enable this feature from LAN side of the router first via Remote Administration under Advanced tab.

I wouldn’t be so sure about that, keep in mind port 4567 is wide open on the ActionTec for VZ and the world.


More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
kudos:32
reply to VirtualLarry
said by VirtualLarry:

Is the VZ CPE back-door internet-accessable?

Yes, but it is encrypted.

said by VirtualLarry:

Can someone access my router remotely, if they have the password,

No. Access through the CPE port does not use your router password.
--
There are 10 kinds of people in the world; those who understand binary and those who don't.


More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
kudos:32
reply to hok
said by hok:

While the Verizon router for FiOS can be accessed from WAN side via the Internet, it must be enable this feature from LAN side of the router first via Remote Administration under Advanced tab.

That's true for normal WAN services such as telnet and HTTP access to the router. It does not apply to the CPE management port, which is what we're talking about here.
The CPE management port can not be disabled through the advanced tab.
--
There are 10 kinds of people in the world; those who understand binary and those who don't.


birdfeedr
Premium,MVM
join:2001-08-11
Warwick, RI
kudos:9

1 edit
reply to HD_Ride
Re: port 4567.

You'll need to do a port scan to find that Netgear, at least the DIRz655 model, has a maintenance port as well. My point being that mfrs put that kind of access in for a reason.

I like open source hardware. At least the errant buffer overrun has a better chance of being fixed, if you can manage to stay updated.


HD_Ride
Premium
join:2000-10-18
Jerseyastan

1 edit
said by birdfeedr:

Re: port 4567.

You'll need to do a port scan to find that Netgear, at least the DIRz655 model, has a maintenance port as well. My point being that mfrs put that kind of access in for a reason.

I like open source hardware. At least the errant buffer overrun has a better chance of being fixed, if you can manage to stay updated.

running dd-wrt here, only ports open are what I've opened

EDIT: BTW you meant D-Link correct? I had two of the DIR655’s and nothing but lock-ups.

McBane

join:2008-08-22
Plano, TX
reply to VirtualLarry
You guys haven't heard of the ANT division?

»en.wikipedia.org/wiki/NSA_ANT_catalog

Other than a team such as this, you're pretty safe on Verizon routers though.


birdfeedr
Premium,MVM
join:2001-08-11
Warwick, RI
kudos:9
reply to HD_Ride
Yes, I meant dlink. Tablet autocorrect has its glitches.

Mine was flawless, but I stayed with the older firmware. Replaced it with ddwrt on a asus n56, but it's still chugging away at another site.


HD_Ride
Premium
join:2000-10-18
Jerseyastan
reply to McBane
If you were around here when the open port first became known it was a big deal and folks didn’t like it when. There was thread after thread about it. In another instance a member wrote a hack for the ActionTec config file to prevent VZ firmware updates, I thought was a good one but the newer firmware’s will no longer allow the hack.

So now it looks like the open ports and auto firmware updates are generally accepted by most here for whatever the reason. So you setup some custom rules, your wireless SSID & key then VZ comes along and wipes out your configuration with a firmware upgrade that makes perfect sense, LOL. Throw in the cheesy ActionTec firmware, nag screens and poor Wi-Fi performance that was enough for me to dump it. I haven’t used the ActionTec since 2009 and don’t plan to any time soon however if I ever need to return to the ActionTec again it’s nice to know the guys here posted a nice collection of workarounds to use

McBane

join:2008-08-22
Plano, TX
I've been on here since 2008 and have had FiOS since 2006 so yeah I was actually one of the people complaining about it, more so from a config wipe standpoint after updates. I still haven't heard of one "hacked" Actiontec or Westell though.


HD_Ride
Premium
join:2000-10-18
Jerseyastan
My wish list for the ActionTec would be a version of dd-wrt (or any other open source firmware) with the coax ported. I have the old Rev A with dd-wrt on installed but it’s kind of useless because we still need the Moca adapter and now that we use Wi-Fi more often we would need an Access Point as well. So I’d be looking at hanging an AP and a Nim100 off it. One extra device maybe but not both so that’s not going to happen. It’s a shame because IMO the ActionTec itself is a great piece of hardware, its only flaw is the firmware.


Smith6612
Premium,MVM
join:2008-02-01
North Tonawanda, NY
kudos:24
I've heard faint rumors that people who have managed to load OpenWRT to the ActionTec routers have also managed to get the Coaxial working. They either reverse engineered the driver or used some code available from the source code for the ActionTec.


HD_Ride
Premium
join:2000-10-18
Jerseyastan
Interesting but probably out of my scope unless they documented & scripted every step along the way. Thanks for the info, I'll at least look into it.