> I recently did a test on an embedded device that worked like this, you > went to the company web site and set the configs then it passed them > to the device. All the comms was done over HTTP so it was a simple > task to poison the DNS, put myself in the middle and then proxy all > the traffic. > > Being a modem you probably aren't going to be able to get between it > and the ISP but it might be worth port scanning it to see what ports > are open, if the config port is open internally as well as externally > then you might be able to program it yourself if you can get hold of > the specs. They aren't usually fussy which interface config ports bind > to so it might work. > > And 40 up/2 down, unless you seed a lot of stuff sounds like they > ripped you off there as well :) > > Robin
Port scanning the modem might give some interesting info. I'll do that this weekend. The communication with the site goes over HTTPS, but that doesn't stop a dedicated hacker. I have not reason what so ever to trust the tech guys at the ISP to make sure my config data is secure in house. Of course I get 40Mbps down and 2Mbps up. LOL Bert _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
