Standard User deleted
(deleted) Thu 08-Dec-16 19:45:59

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
In reply to a post by 10forcash:
No, it's gaining access to your LAN (wired and / or wireless) remotely using the router or modem WAN interface due to a poor implementation of the TR-064 / TR-069 protocol.
Typically, this has manifested itself in allowing 'botnets' to be created using the modem or router hardware. It is possible that, because it bypasses any built-in firewall or access rules, an attacker could infiltrate devices on the LAN, possibly to deploy ransomware or harvest personal details. As I stated previously, closing off this particular attack vector does not make you secure, just less insecure.


Again thanks to you for the info. I hope I have done all I can to protect myself.

Edit..

Not sure I can get away from this.. I put the Billion on and did a factory reset - and it picked up my account right away. Not even put my username in!

Which is this TR69?

Edited by deleted (Thu 08-Dec-16 19:54:18)

Standard User deleted
(deleted) Thu 08-Dec-16 19:58:14

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
I just changed the Auth method from Auto to CHAP and put my username and password in - which I hope will turn the TR69 thing off.
Standard User deleted
(deleted) Thu 08-Dec-16 22:33:39

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
TalkTalk VDSL uses DHCP, no authentication needed. TR-069 is the protocol used by ISPs and, if installed, is not generally presented as an on/off option - but can generally be controlled via telnet commands.
If you have CCTV, that is a vulnerability all by itself if it presents itself to the internet. Not sure what you mean by 'card machine'.
I've said it before on this site - and been derided for it - any internet connected network needs to be treated as compromised and all the devices connected to it need to be secured, not just 'from the outside' but also from each other.
See the following articles:-
http://www.theregister.co.uk/2016/12/08/talktalk_rou...
http://www.theregister.co.uk/2016/10/27/good_luck_se...
http://www.theregister.co.uk/2016/12/07/ip_cameras_u...
http://www.theregister.co.uk/2016/12/08/can_isps_ste...
http://www.theregister.co.uk/2016/10/19/home_router_...

Apologies to those who find 'The Register' irksome; they do make some pretty dry stuff readable to non-greybeards.
Edit:- It appears that some Billion routers do make TR-069 available - this in itself isn't an issue, as it's a specific problem with certain chipsets and their firmware implementation of TR-064 and its availability on the TR-069 port, not an issue with all TR-069 / TR-064 implementations. There appears to be a knee-jerk reaction in people rushing to try and disable the TR-069 protocol. This is not useful: in the event of an ISP or modem / router manufacturer having to push updates to prevent further vulnerabilities or correct connection issues (or even enable features such as G.Fast), those with equipment that isn't updatable will, at best, lose out on new features or, at worst, have their equipment compromised.

Edited by deleted (Thu 08-Dec-16 22:57:23)



Standard User deleted
(deleted) Thu 08-Dec-16 22:38:35

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
In reply to a post by 10forcash:
Not sure what you mean by 'card machine'


One of those contactless terminals like you get in your local Tesco.
Standard User deleted
(deleted) Thu 08-Dec-16 23:03:23

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
Ah, well, as long as it complies with PCI DSS then you should be OK; it won't make things any more secure, but procedurally you're covered against losses.
Standard User deleted
(deleted) Fri 09-Dec-16 00:22:49

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
I believe so - it was put in by a reputable company. But I WILL check and thanks for the info!
Administrator MrSaffron
(staff) Fri 09-Dec-16 15:37:41

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
TalkTalk lines don't need an authentication account usually.

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Standard User deleted
(deleted) Fri 09-Dec-16 16:59:34

Re: TalkTalk's great approach to security... not!


[re: MrSaffron] [link to this post]
 
That's true - I was on right away with their autoconfig, but isn't this the same thing as the TR069 that people are using to hack with?

I've set my gear to use CHAP instead of Auto so I hope this will help? I have no real idea what I am on about but I want to protect the card machine and CCTV as it's of my many properties so to me it's sensitive. It's also remotely monitored.
Standard User deleted
(deleted) Fri 09-Dec-16 19:00:27

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
Not the same, DHCP is very different to the TR-069 protocol - you can disable TR-069 and DHCP will still function, as long as the modem / router is configured to use it. Note that DHCP is (as far as I'm aware) only used on TalkTalk LLU circuits; other implementations, including ADSL, may require authentication. If you really want control of the LAN side of your network, pfSense is a good option, but it will require another device in the chain with two network ports. I set one up for my son to test using an old Compaq netbook with a USB Ethernet dongle as the second port; its low power consumption with the screen switched off helps too.
Standard User deleted
(deleted) Fri 09-Dec-16 19:12:57

Re: TalkTalk's great approach to security... not!


[re: deleted] [link to this post]
 
Thanks for the advice. I am sure I am on the LLU network or its equiv for FTTC. I know that without DHCP the connection won't work. I have been considering recommissioning my TP-Link rack-mounted load balancer, which has 4 ports and would be able to round robin and balance my connections and bond them together. It cost me £150 about 2 years ago and I have not really used it much!

Edit: I must be on their LLU network or something - as a static IP change forced me to re-auth - something they wouldn't be able to do on BT.

Edited by deleted (Fri 09-Dec-16 19:15:10)
