[clug] OT Telstra modems (was: 300, 000 Optus customers' information insecure)

David Deaves David.Deaves at dd.id.au
Sun Mar 29 16:27:19 MDT 2015

> On 27/03/2015 5:52 pm, "Bryan Kilgallin" <bryan at netspeed.com.au> wrote:
> > In addition, Optus issued 197,000 Netgear modems and 111,000 Cisco modems
> to its customers with factory default settings, including user default
> names and passwords in place.}
> I don't really want to praise Telstra here, but BigPond branded and issued
> modems don't all have the same password. The password for each modem is
> printed on the label along with network ID, serial number and a lot of much
> less interesting information. This has been the case for a very long time.

Wise not to want to praise Telstra.  At one point in time - not sure if it is 
still the case - the SSID & Password were both derived from the serial number. 
Plus the serial number followed a pattern (not surprisingly) some digits coded 
the date of manufacture, then some were simply a sequence.  This was true of
the Thompson modems from memory.  The problem was you could iterate all possible 
serial numbers and generate a table of SSID/Password pairs.  Because only 6ish
hex digits of the SSID were generate, this resulted in 1-4 possible passwords 
for any given SSID, but trivial to try them all against any observed SSID.

Always change default passwords.

Dave !

More information about the linux mailing list