Dataone broadband hacking

[soroccoheaven]

my line is not port binded ..i know this..and modem is always on (PPPoe ,firewall enables,remote access disabled,port 80,23 disabled ..am i safe ??..and how do these pepple hack the others account ..because in browser view -source is not working for my modem web configuration interface.

 

[Rahulrulez]

Hmm... I am sure that Port Binding is not Safest way to prevent Hacking...Because if your ID is port Binded then Hackers use Bridge mode to bypass it..and it works 99% i have experienced lot of account problems due to hacking. and one more.. BSNL don't do anything cause finding hacker is very lengthy process.And if you want to be safe... then u must change your password in 3-4 days.

 

[cyberwiz]

Bridge mode to bypass port binding ?

 

[Rahulrulez]

yea.. it is well known method to bypass it...

 

[cyberwiz]

what exactly do u mean by bypass? do u access other accounts on ur port binded line? or ur account is usable from other lines?

 

[amish]

bridged mode has nothing to do with port binding

 

[babu03]

"Your Braoadband connection is tied down to your phone no.No one use your broadband connection."completely wrong.I tested from a friend's home using his line.connected and downloaded in normal speed file using MY MODEM.

 

[amish]

yes BSNL still hasnt implemented port binding everywhere

 

[subham]

Ok, not having anything better to do this afternoon, i decided to learn exactly how"port binding" works. I am posting this for the benfit of others who might be interested. Its not too technical and you get a fairly good idea.This is how UTstarcom(DSLAM equipment provider to BSNL) defines port-binding as( i think it calls it iSMART)"Operator A offers both flat-fee DSL service to residential customers and to business customers such as Internet cafes.All services are based on PPPoE authentication and utilize common B-RAS. To prevent residential customers fromusing their home accounts at an Internet cafe, the operator has to bind the subscriber’s username and password to theirhome DSL port. This way, residential DSL subscribers can use their logon information to gain Internet access at home,but not at an Internet café or at the home of another residential customer. In this application, the DSLAM is requiredto insert home-port identity information along with the PPP authentication packet."And this is what UTStarcom says regarding the "home port" in the above para"iSmart inserts home-port identity information into the PAP authentication packet and relays the information to thePPPoE server. Home-port identity information includes the AN-2000 node ID as well as the shelf, slot and port indexof the home port. This information is inserted into the username field of the PAP authentication request. The operatorcan provision the system to replace the original username with home-port identity information, or to append thehome-port information in front of the original username. Each DSL port can be independently provisioned to turniSmart on or off and, if turned on, to either replace the username or append the home-port to the original username"Hope this helped you understanding port binding a little better.

 

[mrityu12]

@Shubham
So, does it mean that if iSmart is off (which appears to be the default state) then the DSLAM doesn't insert the home-port identity information into the PAP authentication packet. Which means that the PPPoE server has no way to get the DSLAM port ID "if" port binding is not done.

Which means that, if what you say is true and if I haven't misunderstood, in case someone gets an ID/Pass of someone else and accesses it from elsewhere, and none of the lines are port binded, no one will ever know from where such unauthorised access was made, am I right or worng??