[H-GEN] ADSL modems suitable for Linux

Tony Nugent tony at linuxworks.com.au
Tue Jun 11 08:31:59 EDT 2002


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On Tue Jun 11 2002 at 09:34, "Geoff Everist" wrote:

> [snip]
> 
> We have the following modems working with Linux gateways:
> 
> Alcatel Speed Touch Home (using rp-pppoe, this method sucks due to
> Telstra's DSLAM equipment)

That's exactly what I'm using... adsl-ethernet into a router /
firewall box, then into a hub to my network.  The adsl link seems to
work when I need it, most times I can pull down 49-52kbs at full
throttle (3Gb+512down/256up).

I wasn't aware that rp-pppoe "sucked" so badly with telstra, is
there an alternative?  (The problems with telstra's adsl were bad
last year, but more recently things seem to be a lot better).

But my real motive for responding...

BEWARE -- this particular adsl modem has known (and imho serious)
security holes.  As a starting point see here:

	http://security.sdsc.edu/self-help/alcatel/

(AusCERT issued a notification on 21st April last year, so there
would be mention of it in their database at www.auscert.org).

Configure the ethernet to the adsl modem with a 10.0.0.0/8 address
(usually left un-numbered but hey, it works anyway with whatever you
care to put on it:)

Now telnet to 10.0.0.138 and from there it is so easy to get
privileged backdoor access into these modems once you get to the
logon screen and use a "secret" username.  (Behind this door you
find what it is a very interesting little box to go poking around
in:)  And this btw is not the only security problem they have...

  Telstra sold it to me with my connection (along with a way cool
  usb ethernet card).  They said in their reponse (around May last
  year) that they had the problem under control from their side.
  I'm stuck with it, and I'm not sure if I can feel so reassured by
  their subsequent lack of response for details on what specific
  (and ongoing) measures they have taken to protect me.

  BTW, they have open access (by *design*) anytime they like to my
  modem to do things like update the firmware or reset its
  configuration.  (Although I last time I looked nothing appeared to
  have changed.  And if it had then I'd be pissed and want to know
  why I wasn't notified about it).

Anyone want to have this one cheap so I can go get another one?  :)

  I'd think about all this if you use alcatel products.  But I would
  not be suprised if they are not the only ones who are doing things
  like this to their products... it's a classic case where
  proprietary black boxes offer less, rather than increased,
  security.  And open source the opposite, since everything is so
  much more transparent to such things (it just wouldn't happen).

Cheers
Tony

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/



More information about the General mailing list