Slashdot Mirror


Sprint DSL's Security Hole Easy As 1,2,3,4

An anonymous reader points to this Wired article, excerpting "Sprint officials acknowledged that remote access to the administrative software embedded in the ZyXel Prestige 642 and 645 modems is by default protected with a password of '1234.' But the company said users are responsible for securing the equipment, which stores login data, including the user's e-mail address and password." Wired found that more than 90% of the modems they polled were using that default password.

6 of 373 comments

  1. This is a surprise to everyone? by Dolemite_the_Wiz · · Score: 3, Informative

    This is Sprint, the ISP who doesn't do a thing about hackers originating from their domain.

    I don't know how many times in the past I've tracked hackers at work to Sprint's networks.

    Getting a reply or action from Sprint Security is non-existent. I guess it takes an article published in 'Wired' to get action from them.

    Sprint and Prodigy are renowned for not working with customers in addressing security issues.

    Dolemite
    _________________________________

    --
    Save the World! Use a Quote!
  2. Pacific Bell by Leme · · Score: 3, Informative

    Has the same exact issue. All of the Cayman & Efficient routers are usually set up with the default password, which, by a quick Google search, is easily obtainable.

    This only applies to business customers who ordered the router option instead of a bridge.

  3. Re:Home users by taliver · · Score: 5, Informative

    Not really a problem.

    Lots of switches and other equipment come with hardware passwords. When these are lost, you can call the company and get a password by reading off a serial number identifier off of the equipment. When you enter that password, the machine is reset and all information previously on it is gone.

    That would be good enough for most users in any event.

    --

    I demand a million helicopters and a DOLLAR!

  4. What Sprint Told Me by harlows_monkeys · · Score: 4, Informative

    I quickly found this problem on my Sprint DSL, and checked a few other addresses "near" mine to see if I had just overlooked something during setup where I was supposed to change the password, and found that most modems were wide open. I informed Sprint, and here was their response:

    Thank you for your recent e-mail. I appreciate the opportunity to address your inquiry.

    You have reached local password reset only. Please contact your local telephone company for further assistance.

    We appreciate your business. If we can be of further assistance concerning
    your Sprint service, please visit us at http://www.sprint.com, or you may email us at customer.servicenet@mail.sprint.com.


    Aside from the total lack of security by default, and their insistence on routing everything from the Seattle area through Fort Worth, which is 100ms away on Sprintlink, they have been pretty good. :-/

  5. Re:Not Sprint's fault... (RTFA) by Anonymous Coward · · Score: 5, Informative
    From the article:
    Tigges admitted that Sprint does not provide instructions for resetting the administrative password in the documentation provided to FastConnect customers.
    Now, whose fault isn't it again?
  6. My ZyXEL 600 had this problem... by VValdo · · Score: 5, Informative

    First thing I did with my ZyXEL Prestige 600 is change that damned default password.

    To do this, at least on my 600:

    1. Telnet in (make sure you have vt100). On my LAN, the Zyxel is set at 192.168.1.1 -- I don't know how Sprint has it.
    2. Use the default 1234 password, and then hit return to log in.
    3. At the menu, type "23" and return. 23 is the option for the "System Password" page.
    4. Now type the old and new password (twice) using the TAB key to skip fields. Don't pick something obvious.
    5. Go down to where it says "Enter here to CONFIRM or ESC to CANCEL" and hit ENTER/RETURN to save your new password. (You may be asked to confirm that you want to do this.)
    6. When you get back to the main menu, exit your telnet session by typing "99".
    7. Try telnetting in again using 1234 and make sure it doesn't work. Now try to use your new password.
    8. Profit.

    I'm guessing that if these aren't the exact instructions for the later Prestiges, it'll be pretty close.

    Even better than changing passwords is to disable remote login from outside the local network. (I hear this is the default on new Prestige modems). Or, depending on how insecure your LAN is, you can assign particular IPs permission to get in and block all others. This is accomplished using a "filter", just like with a firewall.

    To block incoming telnet sessions on the WAN, check out this page. This page also offers a "probe" you can use to discover vulnerable modems.

    Finally, check this list for common default passwords. This is an important page, so check it for any equipment you might be using.

    W

    --
    -------------------
    This is my SIG. There are many like it, but this one is mine.
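
Added example, not part of the comment above and not ZyXEL's filter syntax: a generic first-match model of the mitigation that comment describes, where telnet to the modem is allowed from the LAN and from particular IPs and blocked for everyone else. The rule format, the function names and every address except the 192.168.1.x LAN are assumptions constructed for illustration; it also shows how a misordered rule set locks out the intended administrators.

```python
"""Added example: first-match packet filter protecting a modem's telnet port.
A generic model, not ZyXEL's filter syntax; all addresses are constructed."""
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str              # "forward" or "drop"
    src: str                 # source network in CIDR form
    dst_port: Optional[int]  # None matches any destination port

class Packet(NamedTuple):
    src: str
    dst_port: int

TELNET = 23

# Order matters: the first matching rule decides.
HARDENED = [
    Rule("forward", "192.168.1.0/24", TELNET),   # LAN hosts may manage the modem
    Rule("forward", "203.0.113.10/32", TELNET),  # one trusted remote admin (constructed)
    Rule("drop", "0.0.0.0/0", TELNET),           # everyone else is blocked
]
# Failure mode: the drop-all rule is placed first, so nobody can get in.
MISORDERED = [HARDENED[2], HARDENED[0], HARDENED[1]]

def decide(rules, pkt, default="forward"):
    """Return the action of the first rule matching pkt, else the default."""
    for rule in rules:
        port_ok = rule.dst_port is None or rule.dst_port == pkt.dst_port
        if port_ok and ip_address(pkt.src) in ip_network(rule.src):
            return rule.action
    return default

def audit(rules, packets):
    """Map each sample packet to the filter's decision."""
    return {pkt: decide(rules, pkt) for pkt in packets}

SAMPLES = [  # constructed traffic
    Packet("192.168.1.20", TELNET),   # LAN workstation
    Packet("203.0.113.10", TELNET),   # trusted admin
    Packet("198.51.100.7", TELNET),   # arbitrary Internet host
    Packet("198.51.100.7", 80),       # unrelated traffic, not filtered here
]

if __name__ == "__main__":
    for name, rules in [("no filter", []), ("hardened", HARDENED), ("misordered", MISORDERED)]:
        print(name)
        for pkt, action in audit(rules, SAMPLES).items():
            print(f"  {pkt.src:>15} -> port {pkt.dst_port:<3} {action}")
```

With an empty rule set the default action forwards telnet from any source, which is the exposed state the story describes.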