Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Supplied router
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Supplied router
Supplied router
20-12-2014 10:38 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Should I have any worries about you being able to configure the supplied router therefore proving an inherent backdoor in it that could leave me vulnerable?
Message 1 of 2
(632 Views)
1 REPLY 1
Not applicable
Re: Supplied router
21-12-2014 6:13 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
That is a good question that I had never considered before - as I don't have the supplied router, or have used TR-069 configuration.
However, looking at the Plusnet article "How TR69 works", it appears that the router initiates the auto-configuration to the Plusnet servers, all communication is via https which ensures it is encrypted and secure, and you can choose to disable auto-configuration.
In addition, this WikiPedia article on TR-069 confirms the Plusnet information, and would suggest that the process is secure.
On Friday (19th December) Plusnet did some maintenance on their TR-069 and password systems, so hopefully the latest software and security patches were updated at that time.
If your concern about TR-069 auto-configuration is as a result of recent press articles on the "Misfortune cookie" attack which can break some systems, then that topic is being discussed in this forum topic "Is TG582n vulnerable to Misfortune Cookie?" and at this time the Plusnet router is not listed as a model that vulnerable to the attack. I had earlier seen the press articles on this particular attack and had already checked various router vulnerability databases, and had come to the conclusion that the Plusnet routers ware not vulnerable.
I don't know whether you are aware that Plusnet have a "Broadband Firewall" on their end of your connection, which you can configure to your desired level of protection, which can be used to prevent unsolicited connection attempts from the internet from reaching your home modem/router. If you have that set at an appropriate level then your router will have an additional level of protection from intrusion attempts that are attempting to discover backdoors on your connection.
I hope that has put your mind at ease !
However, looking at the Plusnet article "How TR69 works", it appears that the router initiates the auto-configuration to the Plusnet servers, all communication is via https which ensures it is encrypted and secure, and you can choose to disable auto-configuration.
In addition, this WikiPedia article on TR-069 confirms the Plusnet information, and would suggest that the process is secure.
On Friday (19th December) Plusnet did some maintenance on their TR-069 and password systems, so hopefully the latest software and security patches were updated at that time.
If your concern about TR-069 auto-configuration is as a result of recent press articles on the "Misfortune cookie" attack which can break some systems, then that topic is being discussed in this forum topic "Is TG582n vulnerable to Misfortune Cookie?" and at this time the Plusnet router is not listed as a model that vulnerable to the attack. I had earlier seen the press articles on this particular attack and had already checked various router vulnerability databases, and had come to the conclusion that the Plusnet routers ware not vulnerable.
I don't know whether you are aware that Plusnet have a "Broadband Firewall" on their end of your connection, which you can configure to your desired level of protection, which can be used to prevent unsolicited connection attempts from the internet from reaching your home modem/router. If you have that set at an appropriate level then your router will have an additional level of protection from intrusion attempts that are attempting to discover backdoors on your connection.
I hope that has put your mind at ease !
Message 2 of 2
(324 Views)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page