Saturday, April 28, 2012

TimeWarner wifi....excuse me?

Just picked up one of the new Motorola SBG6580 DOCSIS 3.0 modems from Time Warner yesterday, the leaflet included shows how the password is based on the mac address.


Is it just me or isn’t the mac address visible for all to see?


An even more worrying issue that I found out is that although you can reboot to factory settings (stick a pin in the white button on the back for 30 seconds) and browse to the control page http://192.68.0.1 (password admin/motorola) as soon as you connect the coax cable the router will “seek home” and reconfigure itself to a Time Warner BOOT server (or whatever the name is for this when it comes to cable modems) and reconfigure itself, eg so if you “turn off” wifi access on the control page…..Time Warner in their basic configuration turns it back on…….

Lol seems funny now but spent 45 minutes turning it off then rebooting to connect and then trying to work out why neighbors could see my wifi signal again

It turns out that only the TimeWarner L3 help desk have the ability to remotely turn wifi on/off for your device (or turn it into a dumb bridge which is what i was really wanting to do) more importantly once they configure it you have no ability to stop them remotely turning it on again or to set passwords/usernames to customize access WOW WTF!!!!!

Next time the RIAA come looking for you for downloading something illegally from your IP address….make sure you forward them on to Time Warner.

I understand why they do this (eg stupid customers cost money to support) but seriously WTF??

Anyone using these docsis 3 modems better be running some kind of personal firewall between you and the modem seeing you can no longer turn off remote management, wifi, bridge mode etc permanently from your end and this is all being controlled within Time Warner.

I bet you a possible reason that they are doing this is to start offering “city wide wifi” soon without telling you that your username and password is actually sucking connection from paying customers but seriously if someone claims you are doing something from your IP address this is now a get out of jail free card.


Cheers,
Dean



1 comment:

  1. This is of course a stupid practice. especially since they will not allow you to alter any settings yourself.
    But - TWC are not the only ones. I have seen worse.
    One example -
    I still see a lot of 4 character WEP based SSID's. The 4 numbers are very close to the last 2 octets of the MAC address of the wireless router.
    The WEP passphrase is the MAC address of the AP, except it ends in the SSID and then a bunch of zeros.
    like this:
    SSID: 1F23
    MAC address: 00:22:2D:8A:1F:25
    ( always broadcast in cleartext )
    the passphrase then will be

    00222D8A1F2300000000000000

    this may look difficult, but it means an intruder can pretty much wander Manhattan and always be using someone else's internet.

    If you see a 4 character SSID, and the characters are all 0-9 and A-F,
    then a single glance at a wifi scanner will give you the MAC address and you can guess the passphrase in about 20 seconds.


    I have also stumbled upon a lot of folks who use their phone number as their WEP passphrase.
    A 10 digit phone number will provide the key for 64 bit WEP.
    I do not know if this is a Verizon things or if people are simply just coming up with this on their own.
    Of course, if you crack one of these, you get their Internet and some personal info as well.
    Scary.

    ReplyDelete