<div dir="ltr"><div class="gmail_default" style="font-family:'courier new',monospace"><span style="font-family:arial">On 14 January 2014 14:10, John Winters </span><span dir="ltr" style="font-family:arial"><<a href="mailto:john@sinodun.org.uk" target="_blank">john@sinodun.org.uk</a>></span><span style="font-family:arial"> wrote:</span><br>

</div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">However, the ISP as part of the configuration changes permanently opens up<br>


both http and cli interfaces on the external interface of the router, on<br>
the standard ports 80 and 22.  This change cannot be seen from the web<br>
interface, which still insists that external administration is disabled,<br>
and the configuration change is not mentioned in any documentation supplied<br>
with the router.  The sole protection is password-based login, over<br>
unencrypted connections.<br>
<br>
I nearly fell off my chair when I discovered this.  Am I over-reacting?<br></blockquote><div><br></div><div class="gmail_default" style="font-family:'courier new',monospace">Are you sure it's not locked down to certain source IPs?</div>

<div class="gmail_default" style="font-family:'courier new',monospace"><br></div><div class="gmail_default" style="font-family:'courier new',monospace">This is *very* common, however it's usually conducted by an industry standard protocol: <a href="http://en.wikipedia.org/wiki/TR-069" style="font-family:arial">http://en.wikipedia.org/wiki/TR-069</a></div>

<div class="gmail_default" style="font-family:'courier new',monospace"><br></div><div class="gmail_default" style="font-family:'courier new',monospace">M</div><div class="gmail_default" style="font-family:'courier new',monospace">

<br></div><div class="gmail_default" style="font-family:'courier new',monospace">​​</div></div></div></div>