[GLLUG] Am I over-reacting to this?
matthew at walster.org
Tue Jan 14 14:37:21 UTC 2014
On 14 January 2014 14:10, John Winters <john at sinodun.org.uk> wrote:
> However, the ISP as part of the configuration changes permanently opens up
> both http and cli interfaces on the external interface of the router, on
> the standard ports 80 and 22. This change cannot be seen from the web
> interface, which still insists that external administration is disabled,
> and the configuration change is not mentioned in any documentation supplied
> with the router. The sole protection is password-based login, over
> unencrypted connections.
> I nearly fell off my chair when I discovered this. Am I over-reacting?
Are you sure it's not locked down to certain source IPs?
This is *very* common, however it's usually conducted by an industry
standard protocol: http://en.wikipedia.org/wiki/TR-069
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the GLLUG