cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Hub 2 -- Lax Admin Security?

madra
Grafter
Posts: 26
Thanks: 12
Fixes: 2
Registered: ‎14-03-2017

Hub 2 -- Lax Admin Security?

‎22-12-2022 10:55 PM - edited ‎22-12-2022 10:56 PM

I've been pretty used to visiting my routers internal IP address on my home network and being dumped right into the admin section.

 

Today I activated 'Static IP' add-on for my broadband package and visited my router via its static IP address on my phone [which has never connected to my router before]. I was pretty shocked to find that the router admin section is partially open for anyone to snoop around, who chances upon my IP.  Now, I'm not saying it's completely wide open. If I try to dive into any of the sections to change a setting, I'm asked for the admin password --thank god! However, there's still a lot of potentially private info that's freely visible on the router admin screen, without entering the admin password:

 

* The 'Hub Status' page, which gives, amongst other things; connection status, upload and download speed, uptime, router serial number, router firmware version.

 

* Basic WiFi page, which gives; which channel frequencies [2,4GHz and/or 5GHz] are active, which channel each is using,  whether I have WPS enabled, network name, security type, wireless mode.

 

* My devices page, which gives a list of every device connected to my router, with their individual IP addresses. This is a shocking security hole. So, now I'm not only at risk from anyone with an exploit for my router, but for anyone with an exploit for anyone of the dozen or so devices connected to it!

 

Am I missing something here? Or is there some pretty atrocious security on this router?  With my last broadband router, if I visited its public IP address, I couldn't see anything at all without logging in.  This one seems to give any potential hackers a wealth of useful information to help them along.

Tags (3)
Message 1 of 12
(1,534 Views)
0 Thanks
11 REPLIES 11
MisterW
Superuser
Superuser
Posts: 14,709
Thanks: 5,499
Fixes: 393
Registered: ‎30-07-2007

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 7:49 AM

Are you sure your phone was connected via the mobioe network and not via your home wifi ?

AFAIK thev router is not accesible remotely by default. Howevervif you were connected to your home network, then NAT loopback would allow access internally without going out to the internet and back

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Message 2 of 12
(1,494 Views)
Dan_the_Van
Aspiring Hero
Posts: 2,538
Thanks: 1,145
Fixes: 73
Registered: ‎25-06-2007

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 8:26 AM

In support of the above post you can check the open ports on your router

https://www.yougetsignal.com/tools/open-ports/ 

Select "Scan all Common Ports" found at the bottom of the command ports list on the right.

I have been unable to connect to my router from the internet using my public static IP address but I can on my local LAN.

HTH

 

 

Message 3 of 12
(1,481 Views)
Baldrick1
Moderator
Moderator
Posts: 11,683
Thanks: 5,196
Fixes: 417
Registered: ‎30-06-2016

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 8:58 AM

Moderators Note

This topic has been moved from Full Fibre to My Router

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

Message 4 of 12
(1,464 Views)
0 Thanks
madra
Grafter
Posts: 26
Thanks: 12
Fixes: 2
Registered: ‎14-03-2017

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 10:47 AM - edited ‎23-12-2022 10:47 AM

  >Are you sure your phone was connected via the mobioe network and not via your home wifi ?

 

Ah. that's a point.  I was checking in the house, so my mobile would have been going through my house WiFi. I'll have to test again when I'm out and about.

 

That said, I'd never connected to my router via my phone. So, even if [as seems likely] my phone was using my home WiFi network,  I was still seeing a lot of info 'for free' about my router config and setup, without being logged in in any way, but just by dint of being on the same local network.

 

It still seems very lax from a security point of view.  I'm thinking if this was a small office setting or somewhere like a cafe / pub where they allow guest access to their network, or a shared student house. It's surely not good practice to give so much potential 'ammo' to anyone who happens to be on the same network. Guests or non-admin users shouldn't be able to 'peek behind the curtain' at the router's admin controls at all, without logging in.

Message 5 of 12
(1,426 Views)
0 Thanks
Mr_Paul
Seasoned Pro
Posts: 575
Thanks: 197
Fixes: 11
Registered: ‎07-06-2022

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 10:48 AM

I'm sure that when I have had cause to contact Plusnet with an issue, they have been able to see in to my Hub2 to check for issues?

Is there a hidden "Admin" login that they use to do this?

 

 

Message 6 of 12
(1,422 Views)
0 Thanks
MisterW
Superuser
Superuser
Posts: 14,709
Thanks: 5,499
Fixes: 393
Registered: ‎30-07-2007

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 10:50 AM - edited ‎23-12-2022 10:53 AM

 Guests or non-admin users shouldn't be able to 'peek behind the curtain' at the router's admin controls at all, without loggi

you might be able to look at some basic information but you can't 'do' anything without logging in

 

Is there a hidden "Admin" login that they use to do this?

no, they use TR069 which is a secure protocol which only allows access from the Plusnet server

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Message 7 of 12
(1,419 Views)
Baldrick1
Moderator
Moderator
Posts: 11,683
Thanks: 5,196
Fixes: 417
Registered: ‎30-06-2016

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 2:15 PM

@madra wrote:

....It still seems very lax from a security point of view. 

Seeing as BT hubs plus I suspect many others the same there are literally millions of devices across the country with your definition of lax security.

Fortunately if this bothers you there is no restriction to you getting your own third party hub.

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

Message 8 of 12
(1,363 Views)
0 Thanks
madra
Grafter
Posts: 26
Thanks: 12
Fixes: 2
Registered: ‎14-03-2017

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 4:06 PM - edited ‎23-12-2022 4:09 PM

@MisterW wrote:

you might be able to look at some basic information but you can't 'do' anything without logging in

 

Without logging in I can see what model router I'm using and what its firmware version is. I can also see a list of every device connected to my network along with their internal IP number.

 

Both of those are security risks. There are plenty of sites [both well- and ill-intentioned] out there which publish lists of exploits for various software / firmware on various devices. Usually a ne'er-do-well would have to probe the system, looking for open ports and trying to deduce what devices were behind them on which IPs and then try a range of exploits. This hub basically removes one of those obstacles by openly listing everything attached to the network and giving its IP. So now the miscreant has a nice list of devices to check aginast his stash of exploits.

 

@Baldrick1 wrote:

Fortunately if this bothers you there is no restriction to you getting your own third party hub.

 

Oh dear.  Someone always has to play the 'If you don't like it. Make your own' card. The non-thinker's response to any criticism of anything.

Message 9 of 12
(1,347 Views)
0 Thanks
Baldrick1
Moderator
Moderator
Posts: 11,683
Thanks: 5,196
Fixes: 417
Registered: ‎30-06-2016

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 4:19 PM

@madra 

No, just being realistic.

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

Message 10 of 12
(1,338 Views)
0 Thanks
MisterW
Superuser
Superuser
Posts: 14,709
Thanks: 5,499
Fixes: 393
Registered: ‎30-07-2007

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 4:20 PM

Without logging in I can see what model router I'm using and what its firmware version is. I can also see a list of every device connected to my network along with their internal IP number.

ut you have to be connected  to the local network to access the router at all . So someone trying to obtain that information  must be physically connected  to a lan port or have used the wireless password to connect

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Message 11 of 12
(1,337 Views)
0 Thanks
Dan_the_Van
Aspiring Hero
Posts: 2,538
Thanks: 1,145
Fixes: 73
Registered: ‎25-06-2007

Re: Hub 2 -- Lax Admin Security?

‎23-12-2022 5:36 PM

@madra 

The thing is there are plenty of free tools available which can display the data you are worried about hiding without the need to have access to the Hubs home page

Once connected to your LAN I can use:-

https://whatismyipaddress.com/ - displays your public IP address

Android app "Network Analyser Pro"

Using "LAN scan" I can list all the active devices IP Addresses and hostname connected to your LAN .

Android "WiFi Analyzer"

I can list all the local wireless network and list security used and if WPS is enabled without the need to be connected to your LAN.

The connection speed could be determined using a speed test.

 

 

 

 

 

Message 12 of 12
(1,313 Views)
0 Thanks