Comments on: Telkom premium combo ADSL wireless router security hole

By: kamercam

kamercam — Sat, 03 Oct 2009 06:29:55 +0000

Good morning all.Just a little warning to you guys.If you do have a private IT guy always watch what he is doing on your pc.There is a hack/way to find your account details off of the router.The first way A: is by making a backup of your settings,the account and router information can be found in the backup file that you have created.The second way B) is by viewing the source of the page where your account details is set up.

On wireless security try to stay away from WEP.it is possible to crack the wep encryption within 10 mins.WPA can also be cracked although bit more difficult but is.Also when you have only allowed certain Mac addresses,that a mac address can be spoofed.which means that the hard coded key on the hardware can be changed via certain software available.

another thing always default your router to factory settings should you return it to telkom or any other supporting company.There are many routers that have worm holes,not just telkom ones.

i havent done this yet but a lot of routers have java script running for the log in page.Java injectors are used to attack the router.And with the right injection the page becomes vulnerable.

take care and play safe.

chris

By: Chester

Chester — Wed, 12 Aug 2009 11:05:55 +0000

Hi all
This is a big problem, 70% of people leave there routers password admin and user admin.
Guys do the following type in 10.0.0.2 on your internet browser and you will be able to view your router change your password to letters and numbers this is all I can say of this, I think this is sick that people take other peoples hard earned money.

By: Richard Catto

Richard Catto — Tue, 02 Jun 2009 14:49:36 +0000

@Jean: Sure, we can. The article describes a security hole. iow, even with options set to deny remote administration, it is still possible via another port. That is a bug and the user cannot be held responsible for that.

By: Jean

Jean — Tue, 02 Jun 2009 14:39:45 +0000

Hey there, you guys can’t blame telkom if you dont have a firewall or some sort of security on your side. I use my router firewall and OS firewall. Build a bridge a enable your firewalls please.

By: Richard Catto

Richard Catto — Fri, 17 Apr 2009 19:08:07 +0000

@Marko: Telkom can tell which line was used to access bandwidth. When you complain, they tell you to open a charge with the SAPS.

By: Marko

Marko — Fri, 17 Apr 2009 16:37:47 +0000

One more piece of advice

Turn off your router, access point and computer(s) when not in use.

By: Marko

Marko — Fri, 17 Apr 2009 16:33:49 +0000

@Teresa, the problem is that it is very difficult to prove that it was not used by you. In many cases the bandwidth *is* actually being consumed by the person's PC, completely unbeknownst to them, eg. Windows XP trying repeatedly to download from windowsupdate.com or a virus/trojan infection trying to replicate itself continuously. I know this happens because I deal with these situations daily. If you have a Windows PC, do install a good anti virus product, do turn on the Windows firewall and do configure Automatic Updates to inform you and ask you when it wants to download something. Do also read your router's documentation and turn off remote administration, change the admin password and secure the wireless access point (if present). If you don't know what I'm talking about or don't care to try, do consider paying someone to do this for you, eg. Dial a Nerd. If you need a good, free Anti Virus solution, consider Clam Win

By: Teresa Schultz

Teresa Schultz — Fri, 17 Apr 2009 04:43:18 +0000

This happened to me too! On the 1st of April this year just over 1 gig of bandwidth on my account was used. NOT BY ME! It sucks. I’m disgusted. Yes, okay, so a solution is to learn how to secure it, but why should that be the only option? It’s sad that people are paying for a service not delivered properly, and having it stolen. Plus they are of very little help with enquiries.

By: Richard Catto

Richard Catto — Thu, 05 Mar 2009 12:14:25 +0000

@Pete: I bloody well can complain if someone takes something they are not rightfully entitiled to! It’s called stealing. If I leave the front door of my house open and you go in and remove my property without authorisation, you go to jail.

It makes no difference whether my router is secured or unsecured. Using someone else’s bandwidth is THEFT.

By: Pete

Pete — Thu, 05 Mar 2009 12:10:11 +0000

I have hacked a few routers now. The easiest way to do it is to hach wirelessly and then log into the router and obtain the usernames and passwords. I do this simply to help people. Not to steal bandwidth. It ussually takes me aboyt 30 seconds up to 2 minutes to crack a modem…….. In 95% of the cases the default user and password was not changed. People…. you cant complain if you do nothing about securing your pc’s!!!!! Come on!!!