A friendly security alert to ACT users

[pothi]

You Should Be Worried If You’re An ACT Broadband User | HuffPost India

 

[vishalrao]

Same issue is there with BSNL FTTH.

 

[Sushubh]

but can outsiders access your router on a natted connection?

 

[igloo]

not to worry if you got your own router.

 

[varkey]

Act atleast in Bangalore used to provide a 10.x.x.x IP address on the WAN side, and from what I recall it wasn't a 1:1 NAT either. So not sure how these are accessible from an external network.

As much we all hate CG-NAT, I guess it hides and indirectly protects you from some bad practices

 

[JB701]

When I used to have DEN Boomband back in 2015, it had a similar issue. All the cable modems were exposed to CGN Network; I was able to access these routers with default password and got hundreds of pppoe logins and wifi passwords. I eventually decided to inform DEN about this and they turned to cable modem MAC address based authentication but even now default login on most of these cable modems is still admin/admin.
I didn't even have any scripting or linux experience back then so I had to manually try to login and check every modem.

 

[vishalrao]

but can outsiders access your router on a natted connection?

i dont know about ACT but BSNL FTTH is still giving direct public IPs to the ONU and anyone from outside visits your IP it shows the modem's web login page and most LCOs provide ONTs with default user/password which is easy to guess.

most people are not tech savvy like us on this forum (to have their own routers and ONT in bridge mode etc) so they are at risk.

and side note is the existing BSNL redirection to malware sites still going on - what total incompetence on their part to not stop doing that!

 

[igloo]

ACT use to give public ip address in Delhi atleast when i was using them.