Showing posts with label internet. Show all posts

Saturday, August 11, 2007

TTNET, Routers, Default Passwords and YOU! - UPDATE

Just when I thought that TTNET couldn't make things any worse, they managed to impress me. Looking in my mail server logs (again) I punched in a few of the IPs I got from them, and found something EVEN WORSE than my previous post.

Above is a login screen for an AirTies (Flash Req'd) RT-102 ADSL2+ modem. Being curious, I looked it up on our old friend the default router password list (see previous post). However, I only found a default password for the RT-201 model. Curious, I went to their site. Strangely, the RT-102 does not even appear on their support pages, so I looked up the next-highest model, the RT-103. I didn't find any documentation in English, but I did find a FAQ section, and to quote:
I forgot the password for my router, what should I do?

If you have forgotten the password you have defined for logging in to your router using the web interface, you need to reset your router to factory defaults. By going back to factory defaults, all other settings that you may have configured (DSL, Wireless, LAN settings) will also be erased. To reset your router, press and hold the “Reset” button on the back panel for 5 seconds while your router is on. You can then login to the web interface by leaving the password field blank, and reenter all your settings.
AHA! That must be it! I'm presuming there IS a default password at all! How silly of me! So, I leave the password blank, and voilà! I'm in! *sigh* Now, at this point, I will admit I'm impressed with the router's capabilities. It supports 12 DSL modes, which is quite impressive.


Sigh. Not only do we see the same horrible mistake as last time, but I'm afraid it gets even more comical.


Perhaps, in Turkey, there is no word for security? Perhaps there is no word for common sense? Perhaps I've missed something. Is it so much to ask for at least a minimum password policy, TTNET? Any ISP administrator that allows a password like that deserves to be flogged.

But let's look at the situation for a moment. This is a different router than before, with the same problem. The WAN configuration option turned on, and no password set. There is only one conclusion to draw from this: TTNET is doing this on purpose! Sure, the router company is nearly as much at fault, but it appears the TTNET employees are INTENTIONALLY turning on the WAN side configuration at setup!

I wish I had more to say about this, but I think the above speaks for itself.

Saturday, July 21, 2007

Failure of the week - Nipplemania


This is a new 'section' which will be updated every Saturday.

See, I hate blogs, really. More accurately, I hate people blogs (blogs about people, livejournal, for example). If I wanted to read some random asshole's diary, I'd phone a number in the book and ask them to reveal their personal lives to me. Of course, on the phone no one in their right mind would do such a thing, but on the internet, well, that's different.

It will feature one lucky blogger and a special examination of their postings and the following:
  • Narcissism
  • Camwhoreism
  • Ugly colors/layout
  • Number of 'friends'
  • Moronic hardcore political/religious association and rants
  • Bad poetry/Emoness/Teenage Angst
  • ...And more!
I was originally planning to call this 'fag of the week' but remembered that I have nothing against homosexuality, and to put the bottom feeders on par with them would be insulting.

This week we'll be taking a look at 'Nipplemainia'.

It goes without saying: if you want to find bad blogs, look no further than Xanga. I didn't even have to go further than the second page of Google searches to come across this little gem.

Before I get into the details of the posts, let's start with the profile:
Name: Serena
Country: United States
State: New York
Metro: South Glens Falls and Glens Falls
Birthday: 9/9/1983
Gender: Female
Okay, a 24 year old from upstate New York. Your classic yuppie, nothing strange there.
Interests: cars (muscle cars, 60's vintage, some 70's), music (hard rock, heavy metal, grind, gore, what-thefuck-ever as long as IT HAS SOME BALLS) men... real men that talk like men, and don't want to organize my fucking closet. cats, horseback riding.. naturally world domination and the end to all existence.. did I forget I like roses too? :D
Expertise: sarcasm, dry humor, the obvious, artistry, and poetry.
Occupation: Computer related
Industry: Business
Vintage cars, okay. Her taste in music is questionable at best..but, what do we have here? I see, she wants a man to treat her like dirt and slap her around a bit. I can do that, I think. But hello, what's this?! World domination AND destruction? One or the other you dumb bitch. Can't have your cake and eat it too. Note the expertise and occupations; "Artistry/Computer related". That's going to be important later..

We're going to skip over the contact information and subscriptions, and skip straight to the "Blogrings", whatever the hell those are.

 ~*~ My Creative Imagination ~*
~`ART is muh Evrthing`~
 Painting Pictures with Words
 Poets Corner
!!!~DEAD POETS SOCIETY~!!!
my sarcasm is better than yours...so i win
Oh yeah, we got some real gems here. Teenagers of all sorts posting quality art and poetry. Clearly she's a patron of the fine arts. But enough boring profile details, let's move on to the good stuff, the posts!

You don't have to go more than two posts down to get to the bottom of this 'mysterious artistic blog'. Before you can even finish saying 'camwhore' you're confronted with a cold hard dose of her reality:


"Artistic Nudes" Yep. Sure. Right. Let's be honest here. Before us is a sad, neglected 24 year old who does anything for the short lived attention of a horny 16 year old looking to blow a load looking at some titties or some asshole macho boyfriend. Oh, and don't forget, pictures of cats.

But, let's not be too judgmental here. Perhaps her poetry can tell us something about her 'depth'.

Written: June 2, 2007
Title: W o r s h i p
I feel alone; perhaps not alone
so much as empty and helpless
with a fear inside of me so strong
I can't stop it from coming out.

I loved you and have for so long
it gets harder each moment to
tell truth from inner sanctions;
I've built a temple for you.

I envy your resonance and pray
for my rebirth in your mercy;
Surrendering my soul to your all
while I worship you.
© ~Serena~


Nothing there either. Hang on, I think I just threw up a little...

Had enough yet? No? Well, here's her info so you can get even more of her!
Message: message me: email me
Website: visit my website
AIM: nipplemaniea
Yahoo: neoandromedaxo
I personally recommend her website. She has no less than 3 blogs and two art-website accounts linked from there.

In conclusion, a classic narcissistic camwhore, no ifs/ands/buts about it. If you read this; please - get a life, make someone in your family at least a little proud of you. Go to school, get a real job, do something other than post your naked ass on the internet. We have enough of that already.


Friday, July 20, 2007

TTNET, Routers, Default Passwords and YOU!

I maintain a mail server, and occasionally check my logs. Occasionally, I investigate hosts that attempt spam, see why they were rejected and what lists they were in, etc. Well, yesterday, I found something amusing.

A number of spam messages have, in the past, come from a Turkish ISP called TTNET.

Curious to see if a web server was operating on one of the hosts (many spammers have simple "user name/password" logins to a web interface for the various machines or bullshit "unsubscribe" forms), I popped a few IPs in my browser.

What I discovered...

See that? That's a login screen for a router.

I know what some of you are thinking, there's lots of those out there, right? Not with the default password set.

That's right, you can just log on in! In fact, the router even WARNS you to change the password, how thoughtful!

..Well, actually, it just asks you politely. Of course, if you're lazy, stupid, or just a DSL installer for a Turkish ISP, you can just mash ignore and pretend you never saw it.

From there, you can do pretty much anything you want including (but not limited to):
  • Set up port forwarding to any host in the network.
  • Turn on traffic filters (some models)
  • Turn on/off view logging (some models)
  • Configure VPN settings (some models)
  • Change connection settings (notably fun: DNS for all your phishing phantasies)
  • VIEW/SET THE DSL USERNAME AND PASSWORD.


What? But they're all ***'d out?

Silly EndUser™. ***'s on webpages that aren't plopped in by auto complete are filled in by the webserver itself! I'll save that for another post, but essentially, the password is in the source, see?

See those massive black squares? That's not porn, that's user information and the associated password! Not exactly a shocker, but it further illustrates the moral of my story here. There were a number of hosts in the IP range of TTNET configured just like this, default passwords with the web interfaces turned on.
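A check for this on a device you administer, as an added example that is not part of the original post: it parses a saved copy of the admin page and reports password fields that the server filled in, recording only the field name and value length. The two sample pages, the `/wan.cgi` path and the field names are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample pages; paths, field names and values are made up.
VULNERABLE_PAGE = """
<form action="/wan.cgi" method="post">
  <input type="text" name="pppoe_user" value="subscriber@example">
  <input type="PASSWORD" name="pppoe_pass" value="s3cret-sample">
</form>
"""
FIXED_PAGE = """
<form action="/wan.cgi" method="post">
  <input type="text" name="pppoe_user" value="subscriber@example">
  <input type="password" name="pppoe_pass" value="" autocomplete="off">
  <a href="/change_password.html">Change password</a>
</form>
"""


class PrefilledSecretFinder(HTMLParser):
    """Collect <input type="password"> fields that arrive with a value."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {name: (value or "") for name, value in attrs}
        if a.get("type", "text").lower() != "password":
            return
        if a.get("value", ""):
            # Record the length only, so the report never repeats the secret.
            self.findings.append({
                "field": a.get("name") or a.get("id") or "(unnamed)",
                "length": len(a["value"]),
            })


def audit_page(html):
    """Return one finding per password field the server pre-filled."""
    finder = PrefilledSecretFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("vulnerable:", audit_page(VULNERABLE_PAGE))
    print("fixed:", audit_page(FIXED_PAGE))
```

An empty result means the page never sends the stored password back to the browser, which is what the separate "change password" page in the manufacturer list achieves.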

I realize Turkey is probably not an upper-class high-tech heaven with super-awesome DSL installers, but there are still lessons to be learned here.
  1. Don't trust the guy getting paid minimum wage to install your service correctly.
  2. Secure your router, at least change the default password.
  3. Don't leave the "WAN Configuration Enabled" option on, ever.
  4. Don't ignore important warnings about password security.
  5. Device manufacturers do not care about security, be careful with your wallet.
If you work for a device manufacturer (HA HA HA), there's even more to learn here:
  1. Require a password change before allowing the WAN Configuration option to be turned on.
  2. Caution users about the horrific gravity of default passwords.
  3. Don't turn the WAN Configuration option on by default.
  4. Put the WAN Configuration option on a timer by default (with a stern warning before turning it on permanently).
  5. Instead of plopping the current password in a field, have a "change password" button with a separate page for setting the WAN password without the current password in it. This relieves the requirement of having to send the password in the form. (Of course, it makes recovery more difficult for us white hats.)
Well, I hope my readers (HA HA HA) learned something useful from this.
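Items 1, 3 and 4 of the manufacturer list, sketched as firmware-side logic; this is an added example, not code from the original post or from any router vendor. The class name, the factory password set, the 10-character minimum and the 15-minute window are all assumptions chosen for illustration.

```python
import time

# Assumed factory credentials for illustration; a real device has its own list.
FACTORY_PASSWORDS = {"", "admin", "password"}
MIN_LENGTH = 10  # assumed minimum length, not a value from the post


class RemoteAdminPolicy:
    """Gate for the WAN-side configuration option (hypothetical firmware logic)."""

    def __init__(self, window_seconds=900, clock=time.monotonic):
        self.password = ""        # state after a factory reset: blank password
        self.window = window_seconds
        self.clock = clock
        self.enabled = False      # item 3: WAN configuration is off by default
        self.expires_at = None

    def set_password(self, new):
        if new in FACTORY_PASSWORDS or len(new) < MIN_LENGTH:
            raise ValueError("password is a factory default or too short")
        self.password = new

    def enable_wan_admin(self, permanent=False, warning_acknowledged=False):
        # Item 1: no WAN-side management while the factory password is in place.
        if self.password in FACTORY_PASSWORDS:
            raise PermissionError("change the admin password before enabling WAN access")
        # Item 4: permanent exposure only after the warning was acknowledged.
        if permanent and not warning_acknowledged:
            raise PermissionError("permanent WAN access requires acknowledging the warning")
        self.expires_at = None if permanent else self.clock() + self.window
        self.enabled = True

    def wan_admin_allowed(self):
        timed = self.expires_at is not None
        if self.enabled and timed and self.clock() >= self.expires_at:
            self.enabled = False  # timer ran out: back to LAN-only management
        return self.enabled


if __name__ == "__main__":
    policy = RemoteAdminPolicy()
    try:
        policy.enable_wan_admin()
    except PermissionError as err:
        print("refused:", err)
    policy.set_password("correct-horse-battery")
    policy.enable_wan_admin()
    print("WAN admin allowed:", policy.wan_admin_allowed())
```

With this gate in place, the configuration described in both TTNET posts (WAN configuration on, password blank or default) cannot be reached from a factory reset.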