o2 BB - Security Issues

Discussion in 'Home Networking' started by Paul, Apr 15, 2008.

  1. Paul

    Alex Fraser Guest

    They rarely do, and branded ones may hide even more. Again, old
    Speedtouch routers have a (fairly extensive) command-line interface
    accesible via telnet.

    Alex
     
    Alex Fraser, Apr 17, 2008
    #21
    1. Advertisements

  2. Paul

    Alex Fraser Guest

    Most likely because it is listing all "directly attached" devices and
    mistakenly calling them "LAN devices". That is, an error in reporting
    not functionality.

    Alex
     
    Alex Fraser, Apr 17, 2008
    #22
    1. Advertisements

  3. Paul

    Col Morrison Guest

    So you're asked to take a certain amount of responsibility, which is as
    it should be. I wouldn't mind if they gave me *complete* ownership of my
    address block.
    Am I missing something here? In n years of running a name server, a mail
    server and a web server, latterly with Zen, I've never had any fallout
    effects from the entry in the RIPE database.

    It's only your name and netname, after all.
     
    Col Morrison, Apr 17, 2008
    #23
  4. Paul

    Adrian C Guest

    Adrian C, Apr 17, 2008
    #24
  5. Paul

    Andy Furniss Guest

    I expect so. I used to be able to see direct connections without opening
    nat/firewall at my end. Maybe it needed the other end to be just doing
    nat or maybe direct - not sure how good msn messengers nat hole punching
    is but you would expect it to get better not worse.

    Anyone who wanted to get direct connections to see IPs could just open
    up their end.

    Andy.
     
    Andy Furniss, Apr 17, 2008
    #25
  6. Paul

    tinnews Guest

    But although it's documented in the sense that there is a description
    of every command in the .pdf there's no really useful documentation on
    how to do particular tasks from the command line. I have a (now
    retired) Speedtouch 716WL and had to use the command line for a couple
    of things and it's a real pain.
     
    tinnews, Apr 18, 2008
    #26
  7. Paul

    Paul Guest

    Yes, the overlap between a 'commercial' responsibiliy and a 'private'
    user's personal security. IMHO, the name should only be registered
    for business users. The number of IP addresses should make any
    difference to how much privacy one is entitled to on a 'personal' or
    private account.
    There are some real nutters out there.
     
    Paul, Apr 19, 2008
    #27
  8. Paul

    Paul Guest

    Paul, Apr 19, 2008
    #28
  9. Paul

    Paul Guest

    http://bbs.adslguide.org.uk/showthreaded.php?Cat=&Board=o2&Number=3180068

    ==========quote===========
    Just want to raise a potential security concern based on some more
    manual reading:

    When the ID/password SuperUser/O2Br0ad64nd (ie digits 2064) ID was
    revealed on here, it was mentioned that "this does not pose a security
    risk as you can only use this password from the LAN side, not the
    WAN".

    However reading the Thomson manual about Users & access
    privileges/rights, it says the SuperUser CAN be used from anywhere:

    - "SUPERUSER : This user can perform any service via any access
    channel from any access origin."
    ==========/quote===========

    Something to worry about then.
     
    Paul, Apr 19, 2008
    #29
  10. Paul

    Alex Fraser Guest

    Only if it is possible to get as far as providing those details, which
    is unlikely in the extreme (except possibly from some specific IP
    address/range, as I mentioned in a reply to Herman in this thread).

    Run a portscan against your router from the Internet - which ports are
    open? (If you have a single IP and use NAT, this should be as easy as
    going to a suitable website from a computer on the LAN.)

    Alex
     
    Alex Fraser, Apr 19, 2008
    #30
  11. Paul

    Paul Guest

    I'm sure that O2 will have a port ready and waiting for them to
    connect to, should they wish to. Standard port are secure but there's
    thousands for O2 to chose from.
     
    Paul, Apr 20, 2008
    #31
  12. Paul

    Paul Guest

    Paul, Apr 20, 2008
    #32
  13. Paul

    Adrian C Guest

    Working fine here. Raise one end of your phone cable up a bit, the
    electrons may be feeling a bit lazy on a sunday afternoon.

    Or, you may be having some DNS issues, which does happen with Be - check
    the forums...

    Ermmm... Doh!!!!

    :)
     
    Adrian C, Apr 20, 2008
    #33
  14. Paul

    Paul Guest

    What I meant is that I cannot access the forum itself, not the
    website. My O2 login doesn't work and I cannot see any "sign up" area
    for none "Be" users.
     
    Paul, Apr 20, 2008
    #34
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.