Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User BatBoy
(legend) Tue 17-Dec-13 21:28:02
Print Post

BT modems have NSA back-door, claim researchers


[link to this post]
 
BT has been accused of hiding a government back-door in modems provided to broadband customers by a team of researchers who claim the company is not alone in providing such access to supposedly-private home networks.



______________________________________________________________________________________Go_girl!__________________
Standard User caffn8me
(knowledge is power) Tue 17-Dec-13 21:41:49
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
BT has been accused of hiding a government back-door in modems provided to broadband customers
UK government, Chinese government or both? (as well as the USA)

I have to say I always considered a back door a possibility and it's one of the reasons I don't use the Openreach modems (on four FTTC services I manage)

When I got the first Openreach modem I unlocked it before using it for service (with just a single computer connected to it on LAN2) and immediately noticed VLAN301 and its 30.x.x.x IP address. I immediately disabled this as a potential security threat (something which can be done with unlocked firmware). This does, of course, block ISP helpdesk access to the modem via TR-069 but I can live with that.

On the "more important" connections I manage I run a separate firewall internal to the VDSL modem/router which handles all NAT, access control and VPN encryption. I run a number of 'tripwires' on the firewalls to detect intrusion attempts and block all traffic from external sites which seem to be probing (address space, port space and certain specific protocols). This includes blocking access to services which continue to be open to the public internet at large.

A quick scan of one firewall status shows 21 sites currently blocked by tripwire activation.

As an additional security measure, no remote VPN site that doesn't have its own dedicated firewall can initiate inbound VPN connections and traffic to the main sites.

I may just be paranoid, of course wink

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs

Edited by caffn8me (Tue 17-Dec-13 22:56:16)

Standard User caffn8me
(knowledge is power) Tue 17-Dec-13 22:53:48
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
A quick scan of one firewall status shows 21 sites currently blocked by tripwire activation.
This blocking is dynamic - there are now 174 separate IP addresses blocked smile

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs


Register (or login) on our website and you will not see this ad.

Standard User BatBoy
(legend) Tue 17-Dec-13 22:57:26
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: caffn8me] [link to this post]
 
I've always thought that Vlan301 is for BT-Fon-Wifi smile


______________________________________________________________________________________Go_girl!__________________
Standard User caffn8me
(knowledge is power) Tue 17-Dec-13 23:02:36
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: BatBoy] [link to this post]
 
This VLAN appears on the Openreach modem regardless of whether the end ISP is BT or not. For BT-Fon I would expect the wireless hub to set up its own connections rather than the modem but as I've never played with a BT wireless hub I may be wrong.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User BatBoy
(legend) Tue 17-Dec-13 23:13:42
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: caffn8me] [link to this post]
 
Well, it doesn't appear to work with Vlan301 disabled wink


______________________________________________________________________________________Go_girl!__________________
Standard User caffn8me
(knowledge is power) Tue 17-Dec-13 23:27:47
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: BatBoy] [link to this post]
 
I believe TR-069 also uses VLAN301 and that's nothing to do with BT-Fon

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User BatBoy
(legend) Tue 17-Dec-13 23:38:53
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: caffn8me] [link to this post]
 
It's called Tr069_INTERNET in the service list on the modem true enough, so it's definitely for that, but also for BT wifi Fon which is why it has DHCP turned on


______________________________________________________________________________________Go_girl!__________________
Standard User caffn8me
(knowledge is power) Tue 17-Dec-13 23:42:26
Print Post

Re: BT modems have NSA back-door, claim researchers


[re: BatBoy] [link to this post]
 
I have no need for either so it's disabled in the modems I have (which aren't even connected except in the event of a line fault). BT WiFi wouldn't work anyway as I'm not using a BT service.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
  Print Thread

Jump to