[20225] in bugtraq
Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems
daemon@ATHENA.MIT.EDU (Hugo van der Kooij)
Mon Apr 16 13:42:10 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.33.0104161159540.21491-100000@hvdkooij.xs4all.nl>
Date: Mon, 16 Apr 2001 12:11:21 +0200
Reply-To: Hugo van der Kooij <hvdkooij@VANDERKOOIJ.ORG>
From: Hugo van der Kooij <hvdkooij@VANDERKOOIJ.ORG>
X-To: Joey Hess <joey@KITENET.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20010411190723.U30672@kitenet.net>
On Wed, 11 Apr 2001, Joey Hess wrote:
> Here's one way to disable the backdoor: I used the EXPERT login to download
> /active/ip.ini by ftp, removed all the apadd and rdadd lines, turned off
> forwarding for good measure, and re-uploaded it. After resetting the device,
> I can't ping it or connect to it on any port, and yet it still functions as
> a DSL modem. I suppose this closes all the holes except DSLAM access.
I'm not quite sure if you will not get into problems. Have you rebooted
the machine? Are you using the unit in bridge mode or as PPTP modem?
If I have a look at the config file of my unit that runs into PPTP mode it
looks like:
config forwarding=on firewalling=on redirects=on sourcerouting=off ttl=64 fraglimit=64 defragmode=nat
apadd addr=10.0.0.138/8 intf=eth0 broadcastip=10.255.255.255 addroute=no
rtadd dst=10.0.0.0/8 gateway=10.0.0.138
rtadd dst=255.255.255.255/32 gateway=10.0.0.138
rtadd dst=10.0.0.0/8 src=10.0.0.0/8 gateway=10.0.0.138
I guess forwarding is required. Firewalling is not relevant. redirects are
something I'm not sure of but I guess it isn't needed.
Without an IP adres there is no way to setup PPTP so it can't be missed.
Hugo.
--
Alle email aan mij verzonden is gebonden aan de regels beschreven op
mijn homepage.
All email send to me is bound to the rules described on my homepage.
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland
hvdkooij@vanderkooij.org http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of sysadmins,
for they are subtle and quick to anger.
