|
|
|
I have notice port 8081 is open,
when i connect to it externally it is going to a authentication page
"HuaweiHomeGateway"
I assue this is for BT to access the HG612 modem?
I have unlocked the firmware and can firewall it off.... but i do not know the username or password of this!!!
|
|
|
Possibly TR-069 for CWMP http://en.wikipedia.org/wiki/TR-069
Mine is "closed" as I disabled the service on 301.
I have unlocked the firmware and can firewall it off.... but i do not know the username or password of this!!! If you go to the Maintenance/Account tab, there are only 2 accounts defined - admin and user.
Edited by deleted (Tue 10-Apr-12 08:54:31)
|
|
|
Open on WAN or LAN side?
Given the modem does not receive a WAN IP it should not be visible to the internet.
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
|
WAN side - there's a PTM running on VLAN 301 for TR-069 which does DHCP.
|
|
|
I presume you superglue the covers onto the diagnostic ports for your car too?
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
And it will NOT have a public IP address, but a non-routeable private IP, so unless someone hacks into the DSLAM it should not accessible
If people are hacking the DSLAM/MSAN then the admin port on your modem is the least of your worries
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
|
Well, it will have the public ip address of the modem on port 8081 as the OP said. I don't think it has anything to do with the DSLAM.
|
|
|
The modem hands a public IP address to the consumers router, are you suggesting that the Openreach FTTC modem also has a public IP address?
Proof?
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
|
Yes, it has the same ip address, but you have to specify the port as well to access it from the internet.
The proof is as I said before - there's a PTM service defined on VLAN 301 for TR-069.
|
|
|
So tell me the IP address of a FTTC modem and I'll see if port 8081 is visible
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
Mine is turned off as I said earlier. But anyone can use Shields-Up on http://grc.com to see for themselves.
|
|
|
|
this was open even before unlocking the hg612..
|
|
|
Have tried to access the port over the internet on a BT Infinity line and it is not accessible.
Other providers have done things like only allow certain IP addresses to access the TR-069 ports, so expect similar for Openreach.
grc is not infalliable too, a lot of routers detect the initial probes and then shut down ports, even if they were open as part of DoS protection.
Perhaps more people would like to PM the public IP address so I can peek away.
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
People have remembered to look into this when NOT using an Ethernet router that maybe has these ports open? e.g. HomeHub3
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
|
i can see its tr069 related
2 username login options
|
|
|
|
I'm on Be*. I just tried to access a Plusnet FTTC connection's IP address on port 8081; connection timed out.
|
|
|
I just had a infinity2 install last week, and noticed BT support in India can look what you've changed in the Home Hub, like SSID,etc. after that shock, I tested the ports, and found 8081 open.
From remote windows server, I got tried to see if I can login to my locked modem, and it did come up with the remote login in Chrome:
Authentication Required
The server 86.167.xxx.xxx:8081 requires a username and password. The server says: HuaweiHomeGateway.
User Name:
Password:
So it's open to anyone not just BT.
Does unlocking the modem and switching it to ATM mode close this port?
Edited by deleted (Mon 04-Jun-12 01:12:31)
|
|
|
You don't want ATM mode, it should be PTM.
But if you change the firewall setting from BT to Custom or something, that should block the remote ports.
Edited by deleted (Mon 04-Jun-12 08:34:01)
|
|
|
|
yes, my mistake, infinity2 is VDSL2 based and supports the Packet Transfer Mode.
I've not unlocked the modem yet,but looking at the manual for the modem, it supports full router mode with NAT, DHCPd, firewall,etc,
Is this is true in the unlocked modem firmware?
if so, then you can bypass the homehub3, and plug direct to a Gbit switch.
|
|
|
Yes, you can use the HG612 as a router and skip the HH3.
Thread here http://forums.thinkbroadband.com/fibre/t/4109217-hua...
Edited by deleted (Mon 04-Jun-12 11:45:11)
|
|
|
|
Thanks for the link, it seems simple to configure.
Have you called BT India support after unlocking your modem?
are there any downsides to unlocking the modem and blocking the port?
also, as port 8081 is open to all, I'm interested if anyone has worked out the user and password for the remote login on port 8081?
|
|
|
Try admin admin.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - Plusnet Value Fibre.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
It appears I have incorrectly thought I could just plug the BT FTTC Modem into my existing router (just a router not a modem so no facilities to enter username / password details)?
Do you need to use the HomeHub thing to enter a username and password otherwise the BT FTTC Modem will not connect?
TIA
|
|
|
|
Something has to establish a PPPoE connection to the ISP, so either the router does with the HG612 acting as a modem, or the HG612 does by acting as a router itself.
|
|
|
It appears I have incorrectly thought I could just plug the BT FTTC Modem into my existing router (just a router not a modem so no facilities to enter username / password details)? What is your existing router? In particular, does it have a WAN port as well as normal ethernet ones?
If you go to BT Infinity they supply a HomeHub. Some other ISPs also supply (inclusive) routers.
BatBoy is right in what he says, but as supplied by Openreach the modem is locked down and cannot function as a router. It can only be used as a 2-port router if you unlock the firmware. It is in effect a pure modem with a single ethernet output. Only the Huawei one is easily unlocked at the moment. The ECI one requires you to do some soldering inside, as I understand the current position. Do you need to use the HomeHub thing to enter a username and password otherwise the BT FTTC Modem will not connect? If you only have one device, (a computer), that you can connect via ethernet, then you don't need a router, as you can enter the username and password for your ISP on your computer.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - Plusnet Value Fibre.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
admin admin is the default user and password used for the LAN side admin panel on port 80. I did try it before, but I didn't think BT would use the same defaults published in the manual for the remote access on port 8081.
|
|
|
|
Thanks for both replies. I have looked again at the my router settings and there is a PPPoE option and when you select it a username/password option appears. Panic over.
|
|
|
I repeat, "What is your existing router? In particular, does it have a WAN port as well as normal ethernet ones?" WAN ports look like normal ethernet but are often coloured yellow. Should also be clearly labelled as such.
Some have dual capability on Port 1.
Is it even a router? Or is it a modem/router like the O2 box? We are normally very slipshod here about the difference, but in this case it matters.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - Plusnet Value Fibre.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Looks like there's a 2 level logon:
Connection request user name: acs/acs
ACS user name: hgw/hgw
|
|
|
Is one of those the password, or is that something else?
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - Plusnet Value Fibre.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Sorry, it's username/password. For each login the username is the same as the password.
|
|
|
|
Have you logged in remotely to 8081 using these credentials?
It may work on the unlocked firmware, but it's not the case on the standard locked HG612 3B modem.
|
Pages in this thread: 
Print Thread
deleted
