Slashdot Mirror
Time Warner Cable Modems Expose Users
eldavojohn writes "Wired is reporting on a simple hack putting some 65,000 customers at risk. The hack to gain administrative access to the cable modem/router combo is remarkably simple: '[David] Chen, founder of a software startup called Pip.io, said he was trying to help a friend change the settings on his cable modem and discovered that Time Warner had hidden administrative functions from its customers with Javascript code. By simply disabling Javascript in his browser, he was able to see those functions, which included a tool to dump the router's configuration file. That file, it turned out, included the administrative login and password in cleartext. Chen investigated and found the same login and password could access the admin panels for every router in the SMC8014 series on Time Warner's network — a grave vulnerability, given that the routers also expose their web interfaces to the public-facing internet.' If you use Time Warner's SMC8014 series cable modem/Wi-Fi router combo, watch for firmware to be released soon that they are reportedly in the process of testing."
...is to put them in bridge mode and use your own router (no matter who your provider is). Same with DSL modems. Even when they aren't misconfigured (deliberately or due to sheer incompetence) the firmware is usually buggy and limited.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Presumably armed FBI agents are en route to neutralize notorious terrorist hacker David Chen even now. 50 years in Gitmo is too good for him.
If you were blocking sigs, you wouldn't have to read this.
Install your own patch right now by cancelling your Time Warner contract, throwing the router in the trash, and getting a new ISP with better hardware. Hell, fork out $50 for a tried and tested model from Newegg. Be sure to tell Time Warner to "Abragofuckyourself" when they say you're tied into a contract by using the words "unfit for purpose" "gross criminal negligence" and "class action"
Yeah, my utopian world of consumer power is better than this one of "Please, Mr Corporation, harder and deeper!"
Finally had enough. Come see us over at https://soylentnews.org/
I wonder if this is the same 'hack' used to attack Belgacom.
http://tweakers.net/nieuws/63200/belgacom-hacker-publiceerde-authentieke-inloggegevens-van-klanten.html
For the curious, a quick recap in English...
A hacker going by the name 'Vendetta', supposedly an American living in Belgium, got fed up with the monthly data cap (at Belgacom, figured out that there's a way to find the username/password for a modem by browsing to it (much as in this article), did that to a claimed several thousand (285,000) modems, and is threatening to release them slowly over time until November 30th as long as Belgacom keeps its monthly data cap.
So far this hacker released 30 usernames/passwords, and they were found to be genuine.
Belgacom contacted authorities, is investigating the claimed method of hacking, blabla.
The modem in question with Belgacom is labeled a "B-Box2-modem".
While I agree with you, the issue usually isn't the small percentage of technically savvy people who use this, but rather the majority of folks looking to "plug and play". These are the security gaps that allow zombie DDoS attacks to happen so easily, as they open up easy access to lot's of similarly configured boxes.
the public-facing internet
wait. what? why?
According to TFA (my karma be damned), Web-based admin UI is enabled on these routers, not only for the LAN but for the whole fucking Internet. This must be the dumbest default setting ever.
Also in TFA...
What's more? Gnome With the Ping of Death? ;)
Colorless green Cthulhu waits dreaming furiously.
This is not a hack, this is incompetence from the guys who sold that in the first place.
Are all Time Warner employees marketers or something?
If you use Time Warner's SMC8014 series cable modem/Wi-Fi router combo, watch for firmware to be released soon that they are reportedly in the process of testing.
And if you are a hacker planning to pwn Time Warner's SMC8014 series cable modem/Wi-Fi router combo, be sure to get your exploit written and distributed soon before the new firmware is released.
If libertarians are so opposed to effective government, why don't they all move to Somalia?
Convenience and incompetence. They want to be able to run scripts to update/reconfigure all the modems and this is the first method that occured to them. Being stupid, they didn't think it through.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Maybe if they actually gave 0.0000000001% of a shit about the service they provide instead of spending millions trying to figure out how to fuck the customers they've oversold to out of YetAnotherPenny ... nah, won't happen.
AOL/TWC have gone through so many reorganizations and consolidations, the best and brightest have been gone from the company for quite some time. This is just a result of continuing to run a failing course.
..but I believe the word flabbergasted comes to mind.
...all sold to beacon by default , plenty sold with a googlable default password (or none at all) which they never prompt the user to change , encryption - even WEP - switched off by default.
Etc.
It took me all of 2 minutes to get into my mums neighbours home network via their belkin wifi router.
And yes , I did tell them how to secure it. And they ignored me. What can you do?
My initial, gut response to this was sheer horror. They list exploit and target side-by-side! The only mention of a fix is that it's to be 'released soon', informing any malicious agents out there that now is the time to strike.
Reading the Wired article, the right thing was done. Big company was sitting on their hands, and now that publicity has been made, they're starting to move.
Wired did the right thing. But this summary, it's fear-mongering and bad journalism.
This isn't just a security vulnerability - those things happen. This is gross negligence. There are 3 simultaneous absolutely bone-headed things here:
- PUBLIC facing web configuration? I have never, ever, ever, seen a router that did that. Not even cheesy home routers.
- JAVASCRIPT is their security? That was dumb back in 1998, but who does that now?
- CLEAR TEXT username/password? There was this great technique we used back in 1975 called hashing. Look it up. Why does it even write the username/password out anyway?
This is one of those cases of just too many stupid things all at once for it to be a mistake.
...
i usually just pwn their machine and then setup wpa that way i know noone else will be listening in on me borrowing their internet
I don't know if they're using DOCSIS, but I can't imagine they aren't. If I'm wrong, ignore the rest of this comment; but if they are DOCSIS modems, then they get their config file from the network every time you boot them. Even if they aren't DOCSIS modems, that's still the most reasonable way to configure them, and if they didn't do that they should be shot into orbit without a suit, or perhaps with one but on a rapidly decaying orbit and without heat shields.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I was under the impression that the only user-configurable option is to add URLs to a blocking list. There is no way to put it in bridge mode, and even if it was someone could log on and change it, and simply pass all your data to their servers anyway.
This is the kind of setup you give people who don't know about security, so they can't muck it up. Of course, it needs to be secure in the first place, so this is a huge issue and fixable only with firmware (or different hardware).
Write your representatives! Repeal the 2nd Law of Thermodynamics!
Initially I was a little confused about the cable modem not being in bridge mode and having an admin interface at all. After RTFA, this vulnerability is only for SMC router/modem combo devices from TW. There was no mention of the Motorola cable modem I have from TW. The Motorola cable modems are acting as a bridge already because my router gets the lease to the public IP.
So apparently no worries regarding this vulnerability for me, but this certainly sucks for 65K other people.
The nice thing is that they may actually be able to update everyone on their networks to plug the hole, given this feature.
Whether they will or not is another issue.
Help! I'm a slashdot refugee.
This shouldn't be legal. Cleartext password internet-facing consumer hardware? This is worse than those idiots using unsecured wireless routers for their credit card swiping machines. If I owned a Time Warner router I'd really feel justified in suing them for gross negligence.
You must be new here.
Change is certain; progress is not obligatory.
At least those do not have the configuration accessable from the WAN by default. Also, they normally have either instructions or a setup wizard that sets up security for them. This is a case of WAN-accessable config pages that let unauthenticated users download the config file, which stores the username and password in plain text. The difference is clueless users versus extremely insecure design.
This is the difference between a linux box configured with insecure settings and a Windows 98 box sitting on the WAN with no firewall.
Or, how about a car analogy:
You can drive a brand new car with tons of safety features 100 mph into a brick wall and still die, or you can drive a Pinto which is likely to explode if someone rear-ends you.
Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
This is like finding out an uncut car key can open any Ford.
Meanwhile Verizon FIOS has been rolling out firmware upgrade to their routers that prohibit you from running your own secure sub-net inside their routers.
Why do these clowns think that because they control the last mile they can arrogantly control the whole internet?
Yeah I think It's about time to set up that server as a gateway. Ironically the internet service has been excellent and since I live in rural Maine we have few people using the bandwidth so I have amazing speed. Their cable TV service is what sucks. That hole in the modems is about as bad as the old file swap backdoor in Unix. On the bright side how many people could know about it? It's not like it was posted on Slashdot.
That's the only choice I really have with my Verizon DSL setup. The combo modem/transceiver/router/AP thing that they gave me sucks balls (constant disconnects & reboots needed), so I had to pull out my 10+ year-old standalone DSL modem/transceiver box which works flawlessly. Threw a Linksys router/wifi AP on the back end of that and I've been sailing along flawlessly for 3+ years now. There's a reason why they "give" you those crappy all-in-one routers, and it's not because they're reliable.
underscore incompetence. that is just ridiculous given the maintenance overhead involved with patching any found vulnerabilities down the road. let's hand out the password in clear text while we are at it. shoot me now
I've got Sky broadband (because we only need the cheapest package, which is free with the TV package) and their router has a very easily guessable password that they don't tell you (so you can't configure things). I don't know if the interface is web accessible, but we were having network issues fairly recently and they said "we couldn't check your router", which I assume means that they tried to log in remotely with the original password.
The Javascript thing isn't important - that's how the device operates because it's been told to and, in 99% of circumstances it's an internal-only device. My printer offers up a lot worse options. However, exposing that interface to the web is stupid, as are using standardised passwords.
The former is nothing but user-education and/or forcing them into a password from the factory (like a lot of wireless routers comes with WPA keys printed on the bottom of them).
For the latter, a lot of cheap ADSL modems/routers do this, it's hardly a shock. Some of them run telnet on ports 254/255 and the only way to get rid of it is to forward that port to a non-existent IP address. Yes, it's crap security. Yes, they should know better. But, additionally, it's their fault from day one and people have known about this for YEARS.
It would also pick up on *any* external security scanner (e.g. nmap, GRC.com's ShieldsUp!) and any competent person would be testing any new system with something like that anyway. I know I've always scanned whenever I've used a new connection, if only to find what proxy servers / port-blocking / port-forwarding are in place. And yet all my Internet connections have hard-coded DNS, the router acts as nothing more than a passthrough to a real firewall (usually Linux iptables, if only for decent, configurable NAT / port-forwarding) and anything vaguely suspicious on an external scan is investigated (my ISP offer port 139 filtering as default, for example).
If you didn't know about it, test it. If you haven't already disabled it, do so. If you're that worried, change the device. This type of problem has been around for YEARS, and only the bog-standard, password is 'password', home users would ever be hurt by it. I think it's disgusting that they are, but they are not the only ISP / modem / router that has these problems.
And to claim this is new/shocking is quite misleading - most router manufacturers have suffered from this since ADSL became mainstream. Even things like BT's HomeHub have had similar security problems over the years.
Cable & Wireless here in Panama also has the same dumb password for almost every ADSL subscriber's box since ADSL came out years ago.
Really, how long will it take before someone scripts together a crawler to scan Time Warner's IP space for these modems, log in, and disable the connection ?
It's just a nice way to make it so if an inexperienced hacker fails to break into your network, he can just pull up the web interface, open the port he's trying to use, and then continue hacking your internal systems. Think of the (children) hackers! :-P
Having a smoking section in a public restaurant is like having a peeing section in a public swimming pool.
This is not a hack. This is leaving the key *on top* of the doormat.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Remotely access and use their unsecured networks to initiate p2p downloads of songs by Madonna, Metallica, and Sir Elton John. Narc them out to the British telco. Given their "three strikes" they'd be "safe" for good.
Not that I care very much, but I still think it's weird that the people responsible for security holes like that don't go to prison for it or have to face other serious consequences. It seems to me that in every other engineering domain engineers are more liable for what they do and companies at one point or another are held responsible for failures and malfunctions than in end-consumer hardware and particularly software, where people seem to get away with just about anything that doesn't kill the customer instantly. I'm not talking about bugs or mistakes, which cannot be avoided 100%, but obvious negligence or incompetence like in the above case. Strange.
I've always used bridge mode on modems of either type from ISPs. I never trust an ISP's modem/router combo.
The only ISP I have respect for doing anything vaguely similar shipped out a Cisco router with their modem.
- Michael T. Babcock (Yes, I blog)
Anyone dumb enough to hook one of these gateway boxes or "cable modems" directly into their computer is just asking for trouble. As you say...plugging it into a router is the ONLY safe way to connect them. Even my dad's computer, who doesn't need anything but a connection, is connected to a router though his gateway DSL box.
These idiots can't figure out how to secure the config pages of a cable modem, and we are to trust that they can implement QOS correctly? I've only been working on networks and IT stuff for a decade, so maybe I don't know what I'm talking about, but QOS seems a bit harder to do than securing a cable modem config page.
We need net neutrality for two reasons:
1. To keep the internet open to all that would want to use it.
2. To keep grossly incompetent network administrators' hands off of our data.
-ted
problem: clueless time warner suit needs to hire a "programmer" to config their modems remotely
solution: his sister's boyfriend is a programmer, a JAVASCRIPT programmer
problem solved. wait, here's an email from a guy in tech support, something about a DOCSIS. delete email...
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Can you give some info and/or links to what 'bridge mode' is? New term to me...
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
you know the backdoor exist solely to make your internet experience more pleasurable.
So when are you filing your lawsuit?
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Yes incompetence looks like the primary cause here. Whoever hides the access to administrative functions of anything by simple javascript on a web page should be at best fired.
It is quite amazing to see how many programmers are just totally clueless about the technology they're using. It's just appauling.
You have the same as I then. Into a browser visit http://192.168.1.1/ and play around. While it doesn't havethe stats the full router does you canreally fsck the time warners network and screw the frequencies of everyone on your local cable share. Be warned however you take out your network to do so. And you might not get it back without their help.
Ihave had to manually reset them a couple of times for timewarner. However I haven't found any useful account data their. Just hardware settings.
i thought once I was found, but it was only a dream.
time warner would charge the end users for an "upgrade": a modem with "amazing new features" (translation: security exploit patched). so time warner would eventually make money off of exposing end users to script kiddies and hackers
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Bridge mode is just that -- it's a connection between two separate networks. In this case, the TW box is connected to the Internet and is one point of the bridge. On the other end is your home network router, which acts as the other point of the bridge. Your network is physically separate from theirs, and joined by the single patch cable between the boxes.. This is usually how these things work anyways, even when it's all in one box. The difference here is that you're using two physical boxes to ensure the separation, which avoids absurd goofs like the one described in TFA.
Bridge mode is just that
Thanks! :)
Yeah. It's a shame to waste hardware like that though. For example my Verizon DSL modem is also a router and wireless access point. I can't use any of those features though because it is well known that Verizon can get into these modems from the outside (to do firmware upgrades and such) and if they can do it who's to say some random hacker can't. So I put the damn thing in bridge mode and use the trusty old WRT54GL running Tomato as the actual router/firewall. Such a waste of hardware because I would rather use that WRT54GL for something else.
So why don't you get your own dsl model that is completely under your control?
Well.. maybe. Or Maybe not. But Definitely not sort of.
remotely bricking the modem hurts the end user far more than it hurts time warner
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Good thing they waited for the updated firmware to be installed, before reporting this problem on a heavily read web site. Until then, nobody will even think of trying to exploit this hole before it's been patched.
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
I was very much worried when I got Verizon FiOS. The Verizon supplied router is actually a linux box that has a web server and it throws a username/password dialog to the WAN side. I was worried so much I had another old router behind the Verizon router and connected my machines to this second router. But the other router was old and it maxed out at 10Mbps and FiOS was delivering 20Mbps. So I did some googling. Found that Verizon has been shipping that kind of routers for more than 5 years and so far no hack has been found. So I removed my second line of defense. Looks like it is a prudent idea to buy a more capable modern router and protect the machines from possible future hacks.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
... an idiot would have on his luggage!
Yup - same issue here with FIOS - I really didn't want to have to mess with getting their router to bridge (it can be done, but it is a real pain and if you need to make a change you need to reset and reconfigure). So, now I have a box sitting on my LAN that I have no control over. In theory all the devices on the LAN are routinely scanned with nessus/etc, but it isn't ideal.
Many of these integrated services have all kinds of tie-ins that make bridging the router painful. For example, on FIOS the network link from set-top boxes to the internet is via the outward-facing port on the router. If you bridge the router then it has no internet connectivity of its own and can't route packets from the set-top boxes. Plus, when it is bridged you can't get into the router's web-based admin console, so to change a setting you need to hard-reset it. I guess if you don't mind having your own router NATed that is an easy option. Sometimes I'm tempted to go IPv6 with a tunnel provider just to get past all that stuff...
FIOS is a bit of an unusual case since they run the network over coax. Where standard ethernet is used you have more hope of just bypassing the router entirely.
I remember 10 years ago already, when there were a few good articles, and lists of all the default passwords given for all the routers brands and makes, etc... so that hacking would be that much easier, but this is like finding a few hundred needles in a haystack, talk about bad management .....I am sure someone wanted to save time and factor in a quick access method with the least amount of effort or memory.
"It's just appauling."
Oh come on, don't bring Paul into this.
because being unable to do your online banking or telecommute or get health information isn't hurting the end user at all
and people who hack other people's machines are always motivated by the most altruistic, community-level concerns. people who commit transgressions towards property that is not theirs are never prone to selfish greed and a simple desire to exploit others for their own gain, regardless of who is hurt
get real dude
virtuous hacking is not reality
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Anyone know if this vulnerability is specific to Time Warner? That's the same model cable modem I have on my Comcast service.
Otherwise they do call the feds and label you a cyber terrorist. The smarter thing would've been to NOT tell them anything but instead quietly reroute all their traffic to some nasty ass pr0n site (or just the goat cx site.) They'll quickly learn the importance of securing their wifi.
i mean how hard is it to put for some unexplained reason, you need javascript to access this page
I was helping a day-trading friend with his home network. He is paying TimeWarner top dollars for the highest speed available. When his computer is connected to the cable modem directly speed-test was showing 15-17Mb/second. Adding even a (gigabit) switch — so that his main computer remained reachable by others on the LAN — in the middle lowered the speed down to 12-14Mb/second. If we used a NATing router instead of switch, the most speed we were able to see was 8Mb/second. (All cables were CAT6, all connections — full duplex.)
Maybe, if we went with seriously expensive router, we'd get better speed, but I doubt, it would beat the top speed of using a switch — and that too was substantially lower, than the speed of the direct connection.
Your proposal does improve security, but it impedes speed — not entirely unlike the security guards at the door, I might add... Not for everyone...
In Soviet Washington the swamp drains you.
Depending on your physical layout, couldn't you run a cable from the STB directly to the Verizon router?
Unrelated, I have FIOS and it was interesting running a scan of the machines/port/services on the network. Granted, most of it meant nothing to me, but here was the return:
PORT STATE SERVICE VERSION
7501/tcp open unknown
8082/tcp open http gSOAP httpd 2.7
21303/tcp open ssl/tcpwrapped
21306/tcp open unknown
21307/tcp open http gSOAP httpd 2.7
Bark less. Wag more.
You're acting as if that router is some kind of silver bullet. There is no such thing. Security measures should always be layered; never count on one measure to deflect attacks against you. Make penetration of the system more hassle than it's worth (to the attacker) is the right path. Hoping that somehow the code running in that router is perfect (because rest assured that it isn't,) is at best foolish.
ELOI, ELOI, LAMA SABACHTHANI!?
I think that's not the IP address for the Motorola ( try http://192.168.100.1/ ), but for a Linksys wireless router, like say a WRT54G.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
You can have your connection switched over to ethernet. I had my FiOS install done on ethernet instead of the coax and the first thing I did when the installers left was plug the ethernet into my Debian bridge/firewall and I run their Actiontec off a gigabit switch along with my other PC's. Last time I had to call tech support they were unable to connect to the Actiontec and when I explained the setup and that I needed to open a port for them the Tech was like " that's awesome. Maybe you should work for us!" instead of bitching about how I blocked their access so they may not "support" the setup but, they didn't ask me to switch it back either.
Now there are 1 or 2 ports you will need to open up for the Actiontec especially if you also have TV service but, it's quite simple to open a port in IPTables.
Shoot me an email if you need some help setting this up!
"I'd rather have a bottle in front of me than have to have a frontal lobotomy."
I completely agree, but the main problem is with connections like FIOS, you are required to put a good 3-4 hours into getting this right, because the 'free' router still needs to give TV data to the TVs for programming and OnDemand purposes. There are ways to bypass this, but NONE that a novice should ever attempt doing.
My connection is currently set up so that it looks like my FIOS cable boxes are downloading torrents of TV shows :P
And has been known for a while. Oddly, this vulnerability is the easiest way to secure the greater vulnerability in the router.
Leben Sie jetzt die Fragen.
"Wired is reporting on a simple hack putting some 65,000 customers at risk."
Tragically, if only TWC had used signed integers, they could have halved the impact of this problem.
- PUBLIC facing web configuration? I have never, ever, ever, seen a router that did that. Not even cheesy home routers.
For a topper, try Intel's AMT.
Remote administration by a little board with its own computer.
- Always-on. (Goodbye battery life in powerdown mode on laptops.)
- Sits between the REAL computer and its network interfaces - "under", invisible to, inaccessable to and overriding the OS.
- Lets a remote administrator establish a tunnel to it (or reaches out to establish its own).
- Able to otherwise act as a man-in-the-middle for network traffic.
- Able to sniff and twiddle the rest of the system.
- Even able to turn it off.
Intended for remote administration of the machine and shutting it down to defend the LAN and VLAN from the machine if it becomes infected and/or any of its services stop mumbling occasional prayers to tell its watchdog function that they're sane.
My immediate reaction was "Remote administration? Yeah - by the NSA, DHS, Chinese spys, Russian malware gangs, and any tech-savvy terrorist group."
How do you know it's turned off? The BIOS says so. Yeah, right!
That's why no more Intel PCs for me.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
It is quite amazing to see how many programmers are just totally clueless about the technology they're using. It's just appauling.
Start adapting. 'Computers' are becoming commonplace and non-professional. This will be more and more widespread as we move forward. Your being amazed signals that you're not anticipating the changes in technology that will happen as it becomes more and more ingrained in the culture.
While I agree with you, the issue usually isn't the small percentage of technically savvy people who use this, but rather the majority of folks looking to "plug and play". These are the security gaps that allow zombie DDoS attacks to happen so easily, as they open up easy access to lot's of similarly configured boxes.
This router is probably a better alternative for those folks even with this exploit than the alternative of a cable modem and a Windows PC connected directly to the internet with no protection other than the Windows firewall.
If you are tech savvy though I have no idea why you would use this product. Get an old fashioned cable modem and hook it up to a router of your choice. No reason to rely on the cable company to provide you with one.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
So much for "Security through Obscurity"
I don't think the programmer(s) were at all ignorant of what they were doing. They could have been given too little time to deliver the solution or they knew management was ignorant of security and delivered any old pile of crap to get paid.
Fail!
Verizon's equivalent of "have you tried rebooting your computer" is to reset the modem-- which puts it back in router mode.
I'm afraid I don't understand. Why not get your own DSL Modem of your choosing so they can't pull any shenanigans? I was pretty glad I did after the vulnerability in the 2wire mode/routers att tries to sell was discovered. It often pays to have less popular hardware/software to avoid being targeted by scanners. Wouldn't prevent a more targeted attack, but those are more rare.
Well.. maybe. Or Maybe not. But Definitely not sort of.
You are correct it was 100.1, now I have to go figure out what 192.168.1.1 is on my network. network hunting is always fun.
Of course the rest is correct.
i thought once I was found, but it was only a dream.
There is now, just turn off javascript.
Extreme Programming - Redundant Array of Inexpensive Developers
Yep, I have a bridge only and I use a cisco 2621XM for my gateway.
A brief explanation of "bridge mode" as I give it to customers: When you have a router, the router generally serves to isolate the internal network from the public network (the internet, usually). This means having a public IP address on one interface (the WAN interface) and distributing private IPs to the machines on the local network (the LAN ports). Bridge mode doesn't do that -- instead of acting as a router, the device merely passes traffic to the LAN, allowing (for example) one machine on the local network to claim the public IP that the modem is passing along. Usually, a router in bridge mode is connected to another router downstream, so that THAT router is giving out IPs. You see this a lot with wireless interfaces; you've got a modem/router without wireless capability, and you want to use a wireless router to give out addresses.
stripShow - Where WordPress meets webcomics
The set-top boxes are run directly to the router - on the world-facing side. They're all attached to the same coax line, and they communicate using an odd ethernet-over-coax protocol.
The other reply did point out a valid alternative.
The modem reset is the price one has to pay to get tech support. I don't think they can reset it remotely.
It's a relatively stable service-- outages are very rare, and, if you have the modems manual on hand it's not all that hard to get it back into bridge mode.
( If you don't have the manual, and you do make a mistake, it's not as if you can "find it on the internet" unless maybe a neighbor has a unsecured access point.)
I work for a mid-size ISP (we're pretty big, but not on the level of comcast or warner) and we use these same devices.
Here's how we config them:
1. Since they are on our network, they all have an internal 10 dot private IP we use to access the modem for config purposes. Unless you gain access to our internal IP scope you can't even get to that address, and if you do you have to connect via SSH and guess the login name and pw. Both are random letters/numbers which rotate once a month through forced updates.
2. None of them have the external (publicly addressable) IP-based login enabled at all. You don't need any Javascript, it's just an on/off setting in the firmware itself.
3. We don't run them as routers, as routers they suck major ass. They work great as either a bridger or a gateway. Running them as a bridge device is problematic since you are exposing the user to everyone else in the IP scope. We actually only use them for static IP customers, and run them as a gateway device. We also disable all the routing features because they run better that way... and why the fuck would the customer want their ISP to manage the routing in the first damn place?
In short, the guys at Time-Warner are a bunch of asshats. If you're going to just use them as a bridge device then save yourself the cash and use a motorola which is under half the price. They work great as a gateway for a static subscriber, and some models do have wireless. But again, why you as a customer would want the ISP in control of your router/wireless is completely beyond me, unless you are a gibbering idiot.
In any event they must be running some kind of goofy half-assed firmware they managed to get SMC to make just for them. Even the HTTP based GUI interfaces, both customer and ISP facing, can be disabled with a simple command line entry. So to sum it up, it's not the SMC's themselves that have an issue. And they don't need any firmware update to secure them, it takes about 10 seconds and one reboot to update the internal config. And when you factory reset them, it goes into a craptacular gateway mode that gives you a bullshit static IP that won't work anyhow... so you could use it as a local network router or wifi access spot but it won't give any upstream connectivity at all.
These devices are actually highly configurable. The default factory mode allows the customer to turn nat on/off and the firewall on/off, and view some basic info that's it. You CAN give them pretty much full access but I don't know why anyone would... they are actually pretty decent boxes to work with but it just sounds like TW just doesn't have a clue. Stick to the moto's guys.
There is now, just turn off javascript.
And after you do that, someone else can do the same thing over the internet, view your password as plain text, and change your DNS server.
Write your representatives! Repeal the 2nd Law of Thermodynamics!
I used to work for Time Warner in upstate NY. All wireless netgear modem/wireless router combos had remote admin access on 8080. Sure there was a username and password on it, but if you couldn't guess it in 5 tries it was because you were having a stroke.
Ok. Then the only thing left to do, is help mother nature a bit, with her natural selection... by using them, to give you an advantage. ^^
Seriously. You're doing humanity a favor, that way.
Any sufficiently advanced intelligence is indistinguishable from stupidity.
SMC Networks was recently made aware of a potential vulnerability in the firmware deployed in certain versions of its cable modems deployed on the Time Warner Cable network in North America. In specific and limited instances, the firmware could potentially be exploited by hackers intending to compromise the security of a user’s Internet connection and network. SMC Networks has moved quickly to develop new firmware that fixes the potential vulnerability and eliminates the possibility of a customer illegally accessing other users’ computers or Time Warner Cable's network. The new firmware has already been delivered to Time Warner Cable who are pushing the update to their end users’ equipment. This update is being deployed by Time Warner Cable and will require that no action be taken by the end users. SMC Networks and Time Warner Cable take its customers’ network security concerns very seriously and apologizes for any inconvenience that has been caused by this vulnerability. It is of the utmost importance to SMC to deliver to markets products that are secure, safe and reliable.