Couple of things to be taken care of when using The Best DSL service in Mumbai.
1) Please change router password from default "admin". By going into the router--->Status, I can get my router's IP address.
If I keep trying the IPs directly in ascending or descending serial order, sure enough I will reach other routers and where the default password is admin. Not that I can gain anything out of it, but can fiddle around with the settings and make it difficult for the other person. OR simply enable remote telnet management/web management and try and exploit those. Changing the admin password is a good first step.
2) The login/password (phone number/CA number) will work from any modem/location which has DSL enabled. This means that unlike the Caller ID based dial up system, I can use my username/password from anyone's dsl enabled location. The converse is, someone could do the same to me too.
while they can get your number from the username field if they access your router, they cannot get your CA number. However, one call to the call center and a couple of requests later, you can get that too. for any number. They do not have a good verification system in place. So you can start downloading on others time. Just like the usernames/passwords circulated during VSNLs 15000/yr TCP/IP account days.
Changing the default password by going to the mtnl website and subsequently in the router would be another good step.
3) Also, after every change, we are supposed to go into Tools-->System, Save and Reboot. This does not work with Firefox 1.5 beta atleast.
Hope this helps.
I have already told my sub divisional engineer about this and sent a brief note to the feedback form.
Does it warrant sending it to the papers?
regards abhi
Ignorance is Strength. What you don't know cannot hurt you.
__________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com
On 11/30/05, Abhishek Daga abhishekdaga@yahoo.com wrote:
Couple of things to be taken care of when using The Best DSL service in Mumbai.
thanks for these inputs
Abhishek Daga wrote:
Couple of things to be taken care of when using The Best DSL service in Mumbai.
- Please change router password from default "admin". By going into
the router--->Status, I can get my router's IP address.
The adsl modem by default has external configuration disabled. If you enable the firewall as well as disable all external access as explained in my earlier mail titled 'Firewall and Triband' then any access to your modem is disabled. Test your firewall on the link provided in the same mail.
Not that I can gain anything out of it, but can fiddle around with the settings and make it difficult for the other person. OR simply enable remote telnet management/web management and try and exploit those.
Could you do this if the modem firewall is enabled?
Regards,
Rony.
___________________________________________________________ WIN ONE OF THREE YAHOO! VESPAS - Enter now! - http://uk.cars.yahoo.com/features/competitions/vespa.html
--- Abhishek Daga abhishekdaga@yahoo.com wrote:
Changing the default password by going to the mtnl website and subsequently in the router would be another good step.
- Also, after every change, we are supposed to go into Tools-->System, Save >
and > Reboot. This does not work with Firefox 1.5 beta atleast.
The workaround for the Tools--System--"save and reboot" button not working with Firefox is to run the Wizard. This will do the needful and do the save and reboot.
Ignorance is Strength. What you don't know cannot hurt you.
__________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/
On Wednesday 30 November 2005 17:52, Abhishek Daga wrote:
Couple of things to be taken care of when using The Best DSL service in Mumbai.
- Please change router password from default "admin".
By going into the router--->Status, I can get my router's IP address.
The first thing u do with a new host / service is change ALL default passwords.
If I keep trying the IPs directly in ascending or descending serial order, sure enough I will reach other routers and where the default password is admin. Not that I can gain anything out of it,
U can rig the firewall rules to allow forwarding and gain access to the host. Hopefully people have a sane password + policy on the host to prevent access.
but can fiddle around with the settings and make it difficult for the other person. OR simply enable remote telnet management/web management and try and exploit those. Changing the admin password is a good first step.
- The login/password (phone number/CA number) will work from any
modem/location which has DSL enabled.
Change the password from the ca number to something else.
Does it warrant sending it to the papers?
I think not. With the number of clueless m$ users around u would have major problem. U are going to have a major problem anyway, but why precipitate it.
rgds jtd
On Wednesday 30 November 2005 17:52, Abhishek Daga wrote:
Couple of things to be taken care of when using The Best DSL service in Mumbai.
You can also run a scan for open ports/responding ports by running the test from http://www.dslreports.com/scan
Based on the results, you can tweak your dsl router to make the system more secure.
I enabled the firewall under the Wan Settings, as well as prevented the router from responding to various service requests from the external networks by checking all options under Advanced-=>Firewall section.
Then re-scanned the system which returned the following message.. ====================== Conclusion: Healthy Setup! We could detect no interesting responses from any of the commonly probed TCP and UDP ports. It would be difficult for an attacker to know where to start without further information. TCP ALL FILTERED No response packet was received. UDP ALL FILTERED No response packet was received. =======================
hth
__________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs
Hi,
I am running RHEL 3.0 with update 4. For some strange reason, lately, when I ssh into the server, I get the following messages on the client, after loggin in as root.
===== Last login: Fri Dec 2 14:15:53 2005 from localhost.localdomain Stopping mdmpd: [FAILED] Stopping cups: [FAILED] Stopping crond: [FAILED] Shutting down sendmail: [FAILED] net.core.rmem_default = 8388608 net.core.wmem_default = 8388608 net.core.rmem_max = 16000000 net.core.wmem_max = 10485760 [root]# =========
Anyone know what might be going on ?
Thanks Shahed
On Saturday 03 Dec 2005 1:52 am, Shahed Moolji wrote:
Anyone know what might be going on ?
looks like you have put some scripts in /etc/profile or in .bashrc
On Fri, 2005-12-02 at 20:22 +0000, Shahed Moolji wrote:
Hi,
I am running RHEL 3.0 with update 4. For some strange reason, lately, when I ssh into the server, I get the following messages on the client, after loggin in as root.
===== Last login: Fri Dec 2 14:15:53 2005 from localhost.localdomain Stopping mdmpd: [FAILED] Stopping cups: [FAILED] Stopping crond: [FAILED] Shutting down sendmail: [FAILED] net.core.rmem_default = 8388608 net.core.wmem_default = 8388608 net.core.rmem_max = 16000000 net.core.wmem_max = 10485760 [root]# =========
Anyone know what might be going on ?
There is no reason why a login session for root should initiate shutdown of services. Perhaps your system and/or 'root' login has been compromised. Use a rescue disk and check the integrity of the installed packages as well as contents of .bash*, .login, .profile files.
Also, it is not a good practice to login as root even over a ssh link.
On Saturday 03 Dec 2005 3:47 pm, Arun K. Khan wrote:
Also, it is not a good practice to login as root even over a ssh link.
i thought that sshd by default does not permit root loging?
On Sat, 2005-12-03 at 15:53 +0530, Kenneth Gonsalves wrote:
i thought that sshd by default does not permit root loging?
Agree, but from the transcript of the OP, it appears he logging in as root over ssh.
Thanks for all the input.
It was /etc/profile indeed, that did the service shuthdown , but only if uid = 0 So when I ssh'ed as a normal user , it did not give my the error messages.
The script was altered by a s/w package install, that I was not aware of.
Sorry, feel like such an idiot !!
Thanks Shahed.
On Saturday 03 December 2005 10:23, Kenneth Gonsalves wrote:
On Saturday 03 Dec 2005 3:47 pm, Arun K. Khan wrote:
Also, it is not a good practice to login as root even over a ssh link.
i thought that sshd by default does not permit root loging?
It doesnt. AFAIK, that output looks more like a change in runlevel than a shutdown...
BTW is that box connected to the internet 24x7? What firewall rules did you have? What services were exposed? Did you run chkrootkit?
-
Abhishek Daga -
Arun K. Khan -
Dinesh Joshi -
JTD -
Kenneth Gonsalves -
Rony Bill -
SeekingGyan -
Shahed Moolji