[clug] OT Telstra modems (was: 300, 000 Optus customers' information insecure)
David.Deaves at dd.id.au
Sun Mar 29 16:27:19 MDT 2015
> On 27/03/2015 5:52 pm, "Bryan Kilgallin" <bryan at netspeed.com.au> wrote:
> > In addition, Optus issued 197,000 Netgear modems and 111,000 Cisco modems
> to its customers with factory default settings, including user default
> names and passwords in place.}
> I don't really want to praise Telstra here, but BigPond branded and issued
> modems don't all have the same password. The password for each modem is
> printed on the label along with network ID, serial number and a lot of much
> less interesting information. This has been the case for a very long time.
Wise not to want to praise Telstra. At one point in time - not sure if it is
still the case - the SSID & Password were both derived from the serial number.
Plus the serial number followed a pattern (not surprisingly) some digits coded
the date of manufacture, then some were simply a sequence. This was true of
the Thompson modems from memory. The problem was you could iterate all possible
serial numbers and generate a table of SSID/Password pairs. Because only 6ish
hex digits of the SSID were generate, this resulted in 1-4 possible passwords
for any given SSID, but trivial to try them all against any observed SSID.
Always change default passwords.
More information about the linux