cancel
Showing results for 
Search instead for 
Did you mean: 

Can we upgrade PlusNet Routers + Huawei modems

vetterlein
Grafter
Posts: 68
Registered: ‎11-01-2008

Can we upgrade PlusNet Routers + Huawei modems

As expected, attacks on the internet connected points are coming. Is it possible to upgrade firmware on these boxes?
http://www.symantec.com/connect/blogs/linux-worm-targeting-hidden-devices
4 REPLIES 4
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Can we upgrade PlusNet Routers + Huawei modems

From your link
Quote
Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords
It is already fixed as the password is definitely not well known
The modem isn't relevant I believe as it isn't the thing which controls network access
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Can we upgrade PlusNet Routers + Huawei modems

I think the default admin password - the serial number - is freely given away by the router over the local network by upnp, or to anyone in wifi range as part of the WPS information.
But I don't think the linked article is applicable to the technicolor routers because they don't contain php. They might have some weird server side dynamic pages, but they seem to be based on the lua programming language, not php.
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Can we upgrade PlusNet Routers + Huawei modems

I don't think it does as I just checked mine and the SSID is totally different from the password
vetterlein
Grafter
Posts: 68
Registered: ‎11-01-2008

Re: Can we upgrade PlusNet Routers + Huawei modems

Quote from: Oldjim
The modem isn't relevant I believe as it isn't the thing which controls network access

My thought was the reverse. [ I have FTTC , so  Huawei modem + Technicolour router ]
The Huawei is only addressable on an internal BT (?) network. The device you get to if you attack my IP address is the Techicolor .
I was looking to see it the Techicolor does enough logging (Appears not to) and allows flash upgarde (found command for it on telnet login, nothing on http access & no idea where I'd get a new image from in anycase)
My understanding is my IP address is tunnelled through the BT network, to attack the outside of the tunnel , one would need to start from BT private network?