Are you using a DSL modem/router to connect to the internet? Mostly everyone I found haven’t changed the default user name and password which is used to login to the modems admin panel. Most modems comes with the default user/pass combination of admin/admin , admin/password. So what is the risk of not changing these logins?
Most of the older modems and around 20% of newer modems doesn’t have a firewall ( or disabled firewall option by default ) between the internet and the modem. So this means that anyone who knows your public IP can login to your routers admin panel and do potentially dangerous stuff. Including stealing your DSL services login names ( most common ) , opening up ports to give access to run malicious programs etc.
How the hackers find your IP’s
Lets say that I want to steal DSL service login details from the people who use the same DSL service that I use. There are 2 simple methods to do that
- Ping the IP range of the provider
You can find the IP address ranges of the provider by using a service like http://bgp.he.net . When you visit that link you can find the AS ( Autonomous System ) of your current IP range and see whats IP ranges that your ISP is announcing. Or you can search for the provider and find the ranges. Now I can ping that range to find the IP’s addresses which are currently responding and after finding the IP’s which are currently up, I can try entering those in my web browser and when it prompts the login dialog I can try the default combinations.
- By using an IP logger
It’s very easy to capture the IP’s by using a service like http://iplogger.org . hackers just have to insert the hidden image on local community forums, blogs and places where the people gather and in a moment hacker will have 100’s of probably alive IP’s at his disposal.
Be smart change login details now
I’m not a hacker by any means but I have tried the second method mentioned above to experiment on this and I was surprised to find that even some modems let you telnet to it by using the public IP. The most common abuse done by the hackers is stealing the login details to DSL service so they can use your login details to do the all kind of abuse such as consuming your bandwidth allowance and launching attacks.
You can avoid these attacks by enabling the default firewall of the modem and changing the login details. So if you haven’t already, do this now!
Last 5 posts by Ruchira
- Slotomania Free Slot Games Review - February 24th, 2015
- The Role of Social Media and SEO - October 25th, 2013
- Google announces uProxy to overcome internet censorship - October 22nd, 2013
- Command line bandwidth monitors for Linux - October 21st, 2013
- Problem Kids: When You Know How To Spy On iPhone Remotely, You Worry Less And Focus Better! - August 19th, 2013