RE: Protecting against the Alcatel ADSL modem vulnerability
I agree with the fact that if u limit the connections to the modem it will be the start of protecting it but... ANYONE who will access your modem, meaning he has to break into the server: first and from it access the modem, can control it and one of the basic things he can do is make it unusable for u. The first thing you should do is set the password on the modem, Bezeq never do it on installations. The second thing is to protect your server, If they cant access it they cant access the modem. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dani Arbel Sent: Wednesday, April 25, 2001 8:40 PM To: Shlomi Fish Cc: [EMAIL PROTECTED] Subject: Re: Protecting against the Alcatel ADSL modem vulnerability Shlomi, Your ADSL has an ip # in 10 net , and is not accesible from outside. You have to protect your host ip # only. If you are paranoid and fear that someone will control your ADSL modem from outside (pure ATM) then you can limit the connections alowed for 10.0.0.138 . Dani On Wed, 25 Apr 2001, Shlomi Fish wrote: Hi! I have an Alcatel ADSL modem at home and I use it to connect my Mandrake 7.2 Linux to the Internet. I followed the HOWTO and everything is working fine. Now, I want to set up a firewall that will protect my computer in case somebody penetrates the modem. I have already set up an IP-Chains firewall to protect me against connecting to TCP ports via the ppp0 interface, but should I also do it for the eth0 interface? Any pointers and guidelines would be highly appreciated. Regards, Shlomi Fish -- Shlomi Fish[EMAIL PROTECTED] Home Page: http://t2.technion.ac.il/~shlomif/ Home E-mail: [EMAIL PROTECTED] A more experienced programmer does not make less bugs. He just realizes what went wrong more quickly. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Protecting against the Alcatel ADSL modem vulnerability
I agree with the fact that if u limit the connections to the modem it will be the start of protecting it but... ANYONE who will access your modem, meaning he has to break into the server: first and from it access the modem, can control it and one of the basic things he can do is make it unusable for u. The first thing you should do is set the password on the modem, Bezeq never do it on installations. The second thing is to protect your server, If they cant access it they cant access the modem. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dani Arbel Sent: Wednesday, April 25, 2001 8:40 PM To: Shlomi Fish Cc: [EMAIL PROTECTED] Subject: Re: Protecting against the Alcatel ADSL modem vulnerability Shlomi, Your ADSL has an ip # in 10 net , and is not accesible from outside. You have to protect your host ip # only. If you are paranoid and fear that someone will control your ADSL modem from outside (pure ATM) then you can limit the connections alowed for 10.0.0.138 . Dani On Wed, 25 Apr 2001, Shlomi Fish wrote: Hi! I have an Alcatel ADSL modem at home and I use it to connect my Mandrake 7.2 Linux to the Internet. I followed the HOWTO and everything is working fine. Now, I want to set up a firewall that will protect my computer in case somebody penetrates the modem. I have already set up an IP-Chains firewall to protect me against connecting to TCP ports via the ppp0 interface, but should I also do it for the eth0 interface? Any pointers and guidelines would be highly appreciated. Regards, Shlomi Fish -- Shlomi Fish[EMAIL PROTECTED] Home Page: http://t2.technion.ac.il/~shlomif/ Home E-mail: [EMAIL PROTECTED] A more experienced programmer does not make less bugs. He just realizes what went wrong more quickly. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Protecting against the Alcatel ADSL modem vulnerability
Hi, First, I recommend using a modem that cant be connected by telnet, ftp, tftp,httpd etc. in my modem as I see in IPtraf the packets cannot be accepted. If you have a modem that cannot accept any services as mentioned above can not be exploitable only if someone hacks the server. Secure the server and secure the modem by password if there any. Also, alcatel speed touch PRO is exploitable (BugTraq): Taking advantage from the ALCATEL Speed Touch Pro backdoor and configuration problems, it is possible to obtain a full priv access to the router and launch several attack against the internal LAN thanks to the NAT/PAT feature often made available. Second, all the users of alcatel speed touch I recommend read this: http://security.sdsc.edu/self-help/alcatel you can read some docs there. At 12:25 26/04/01 +0200, you wrote: I agree with the fact that if u limit the connections to the modem it will be the start of protecting it but... ANYONE who will access your modem, meaning he has to break into the server: first and from it access the modem, can control it and one of the basic things he can do is make it unusable for u. The first thing you should do is set the password on the modem, Bezeq never do it on installations. The second thing is to protect your server, If they cant access it they cant access the modem. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dani Arbel Sent: Wednesday, April 25, 2001 8:40 PM To: Shlomi Fish Cc: [EMAIL PROTECTED] Subject: Re: Protecting against the Alcatel ADSL modem vulnerability Shlomi, Your ADSL has an ip # in 10 net , and is not accesible from outside. You have to protect your host ip # only. If you are paranoid and fear that someone will control your ADSL modem from outside (pure ATM) then you can limit the connections alowed for 10.0.0.138 . Dani On Wed, 25 Apr 2001, Shlomi Fish wrote: Hi! I have an Alcatel ADSL modem at home and I use it to connect my Mandrake 7.2 Linux to the Internet. I followed the HOWTO and everything is working fine. Now, I want to set up a firewall that will protect my computer in case somebody penetrates the modem. I have already set up an IP-Chains firewall to protect me against connecting to TCP ports via the ppp0 interface, but should I also do it for the eth0 interface? Any pointers and guidelines would be highly appreciated. Regards, Shlomi Fish -- Shlomi Fish[EMAIL PROTECTED] Home Page: http://t2.technion.ac.il/~shlomif/ Home E-mail: [EMAIL PROTECTED] A more experienced programmer does not make less bugs. He just realizes what went wrong more quickly. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] Regards, Eran Levy. E-mail: [EMAIL PROTECTED] WebSite: http://come.to/liloboot = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Protecting against the Alcatel ADSL modem vulnerability
Hi, Shlomi! On Wed, Apr 25, 2001 at 01:15:07PM +0300, you wrote the following: I have an Alcatel ADSL modem at home and I use it to connect my Mandrake 7.2 Linux to the Internet. I followed the HOWTO and everything is working fine. Now, I want to set up a firewall that will protect my computer in case somebody penetrates the modem. I have already set up an IP-Chains firewall to protect me against connecting to TCP ports via the ppp0 interface, but should I also do it for the eth0 interface? Why not? There should be no problem blocking all incoming TCP connection attempts, as well as all the UDP and ICMP traffic. -- Alex Shnitman [EMAIL PROTECTED] http://alexsh.hectic.net/ UIN 188956 PGP 0xEC5D619D / E1 F2 7B 6C A0 31 80 28 63 B8 02 BA 65 C7 8B BA = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Protecting against the Alcatel ADSL modem vulnerability
On Wed, 25 Apr 2001, Shlomi Fish wrote: snip alcatel modem related protection request http://security.sdsc.edu/self-help/alcatel will be a good start. -- mulix http://www.advogato.com/person/mulix linux/reboot.h: #define LINUX_REBOOT_MAGIC1 0xfee1dead = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Protecting against the Alcatel ADSL modem vulnerability
On Wed, 25 Apr 2001, mulix wrote: On Wed, 25 Apr 2001, Shlomi Fish wrote: snip alcatel modem related protection request http://security.sdsc.edu/self-help/alcatel will be a good start. I read their FAQ: http://security.sdsc.edu/self-help/alcatel/faq.shtml and from the answers to the questions it seems that they don't have a stable solution to recommend. Regards, Shlomi Fish -- mulix http://www.advogato.com/person/mulix linux/reboot.h: #define LINUX_REBOOT_MAGIC1 0xfee1dead -- Shlomi Fish[EMAIL PROTECTED] Home Page: http://t2.technion.ac.il/~shlomif/ Home E-mail: [EMAIL PROTECTED] A more experienced programmer does not make less bugs. He just realizes what went wrong more quickly. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Protecting against the Alcatel ADSL modem vulnerability
Shlomi, Your ADSL has an ip # in 10 net , and is not accesible from outside. You have to protect your host ip # only. If you are paranoid and fear that someone will control your ADSL modem from outside (pure ATM) then you can limit the connections alowed for 10.0.0.138 . Dani On Wed, 25 Apr 2001, Shlomi Fish wrote: Hi! I have an Alcatel ADSL modem at home and I use it to connect my Mandrake 7.2 Linux to the Internet. I followed the HOWTO and everything is working fine. Now, I want to set up a firewall that will protect my computer in case somebody penetrates the modem. I have already set up an IP-Chains firewall to protect me against connecting to TCP ports via the ppp0 interface, but should I also do it for the eth0 interface? Any pointers and guidelines would be highly appreciated. Regards, Shlomi Fish -- Shlomi Fish[EMAIL PROTECTED] Home Page: http://t2.technion.ac.il/~shlomif/ Home E-mail: [EMAIL PROTECTED] A more experienced programmer does not make less bugs. He just realizes what went wrong more quickly. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
