BSNL Broadband seems to have blocked SSH Port 22 on their network
pothi
@127.0.0.1
Not working in Tamilnadu, either.
Hi,
Yes, I am also facing the same SSH issue after 1st of August 2017. I visited the BSNL office but it is too hard to explain them what exactly the problem is ... I suggested them many time that the port is somehow blocked ... but they never tried to understand ...not sure what will happen but at the end of day I have sent them the problem in written...let see how it goes from now ... will keep you all updated....
Nand
Yes, I am also facing the same SSH issue after 1st of August 2017. I visited the BSNL office but it is too hard to explain them what exactly the problem is ... I suggested them many time that the port is somehow blocked ... but they never tried to understand ...not sure what will happen but at the end of day I have sent them the problem in written...let see how it goes from now ... will keep you all updated....
Nand
Unfortunately, router/modems are the weakest security link for a consumer. Unlike computer/smartphone operating systems, consumer networking equipment firmwares aren't updated automatically or regularly by default to patch vulnerabilities. Added to this, is the default/weak password used in those devices.
Only reason the ISP's sprung into action in the case of 'BrickBot' is actually because the customers lost access to the Internet, I don't think they took any action for 'Mirai' bot net which used the same methodology to convert routers, modems, IOT's to bots for DDOS attacks and the device owner wouldn't even have a clue in this case.
To answer your question ,
1. Though the best strategy is to patch the vulnerabilities,
Easiest : Deny connection to the customers who have default passwords, call them and force them to update the password.
Recommended : To update firmwares for all the affected devices.
2. In case of Mirai or other bot-net malware,
Blocking outbound access for C&C (Command and Control ) center for the bot-net , rendering the infected devices useless for the malware owners.
There are other complex packet analysis mechanisms to detect malwares, recent jump in machine learning technologies has made it much more effective. ISP's should be mandatorily made to disclose security breaches and should be audited regularly by CERT-IN (DoT).
For Home users :
Custom routers can be constructed which could run regular desktop OS such as Ubuntu or OpenBSD , that can be updated regularly.
For ISP :
Long term strategy should be aimed at procuring networking equipments which can be regularly updated. With little support from the government, local manufacturers can definitely manufacture networking equipments; it can be an asset to the national security as well.
Only reason the ISP's sprung into action in the case of 'BrickBot' is actually because the customers lost access to the Internet, I don't think they took any action for 'Mirai' bot net which used the same methodology to convert routers, modems, IOT's to bots for DDOS attacks and the device owner wouldn't even have a clue in this case.
To answer your question ,
1. Though the best strategy is to patch the vulnerabilities,
Easiest : Deny connection to the customers who have default passwords, call them and force them to update the password.
Recommended : To update firmwares for all the affected devices.
2. In case of Mirai or other bot-net malware,
Blocking outbound access for C&C (Command and Control ) center for the bot-net , rendering the infected devices useless for the malware owners.
There are other complex packet analysis mechanisms to detect malwares, recent jump in machine learning technologies has made it much more effective. ISP's should be mandatorily made to disclose security breaches and should be audited regularly by CERT-IN (DoT).
For Home users :
Custom routers can be constructed which could run regular desktop OS such as Ubuntu or OpenBSD , that can be updated regularly.
For ISP :
Long term strategy should be aimed at procuring networking equipments which can be regularly updated. With little support from the government, local manufacturers can definitely manufacture networking equipments; it can be an asset to the national security as well.
i guess the biggest problem is that the products that these companies provide to the customers are probably procured through a tender process which means that consumers end up getting the outdated piece of junk that no one would buy in the retail market. even if the customer is knowledgeable about the technicalities of upgrading a router manually, how many of the routers provided by bsnl would have updates in the first place. just look at what airtel used to provide to their customers...
MGMNT SSID on Airtel routers like Beetel TC2
MGMNT SSID on Airtel routers like Beetel TC2
Yesterday they called me regarding my email and they said to visit the bsnl exchange by bringing my modem to fix it. The problem is about my modem ?