Otenet blocks incoming connections at port 80?

Sat Feb 11 23:20:31 EET 2006

Fanis Dokianakis wrote:
> On Sat, Feb 11, 2006 at 02:05:24PM +0200, Giannis Papaioannou wrote:
>> Den 8ymamai pou akribws to diabasa h' an mou to eipe kapoios. Eixane leei
>> kapoio problhma me ton e3oplismo apo thn intracom, pou edinan prosbash se
>> opoiondhpote ape3w giati eixan ola to idio default password. Etsi kapoioi
>> sniffaran polla passwords apo pelates ths ote/otenet h' phran ton elegxo
>> apo ta modem routers kai twra tous ekbiazoun.
>>
>> De 3erw an einai alh8eia, an kapoios 3erei akribws ti trexei as mas pei.
>>
> 
> Distihos ishyei,
> 
> To modem pou edine to ondsl kit (exei allaxei?) erhotan me default
> password kai anoihto to remote administration opote akouge sthn 80.
> 
> Tha mou peite, kala mwre kai ti tha ekane o "cracker"? tha ekove thn
> syndesh i tha evaze kanena hacked firmware? kai pou tha evriske kai thn
> ip...
> 
> Thn ip tha thn evriske paneykola dioti oles oi syndeseis ondsl einai sta
> idia class c subnet.
> 
> To ekplhktiko omos me ayto to modem htan oti to web interface to eftiakse
> kapios pou einai entelos anideos eite me thn asfaleia eite esto me thn
> html. To password gia to account sthn fainotan kathara ston kwdika html
> afou prostateyotan mono apo to krypsimo (asterakia) tou password field.
> 
> Kanonika den eprepe na fortonei pote to password apo thn flash para mono
> kata thn syndesh.
> 
> Ithiko didagma? 
> 1. pote ma pote den afhnoume default password sta mihanimata mas.
> 2. na mhn protimame isp pou den kanoun eleghous poiotitas kai asfaleias
> sta mihanimata pou dinoun stous pelates tous.
> 
> Fanis
> 
> 
> 
Είναι έτσι κι αλλιώς απαράδεκτο το να μην ασχοληθείς με το μηχάνημα σου. 
Το "secure by default" μόνο ο Theo θα μπορούσε να το σκεφτεί. Το NetBSD 
έπειτα από default installation έχει έναν ftp client και τίποτε άλλο. 
Who is more secure by default then..? :P Μα αφού δεν έχει open ports πως 
θα μπεις μέσα? Ναι άλλα έτσι είναι by default..