BSNL Broadband users - save yourself!

Disclaimer : The information provided below is for educational purpose only. I amnot responsible for any misuse of the information and discourages any illegal use of it.

Bsnl Broadband continues to grow as one the most popular broadband services in India with high speed facilities of upto 2 mpbs. But a large number of users of this service are vulnerable to hacker attacks because discovering and hacking the vulnerable victims of this network is shockingly simple. If you are a Bsnl Broadband user then immediately assess the security of your internet connection and take appropriate steps to secure yourself.

Its very easy to get the bsnl user id and password

Well each steps take less than 1 minute so getting username passwords wont take even 2 minutes and is easier than sending a mail.

And this exposes the weak security of bsnl broadband users.

Well this is not a weakness but more of a mis-configuration which leads to insecurity. If you understand networking then you would probably realise that it was merely logging into the remote administration service of the modem and nothing else. This was not really hacking but a simple search of victims who are absolutely ignorant of their weak security on the internet.

Most routers have an option where remote management can be disabled. In other words, you can only connect to the configuration interface from the internal network, not the WAN(Internet) side. You would definitely want to make sure remote management is not active to protect yourself.

Note : On SmartAX MT880 eventhough Remote Management is disabled , it permits remote logins from over the Internet. So change your mode administration passwords immediately.

The problem is that the professionals at Bsnl are ignorant of such simplicity of networking and unable to advise the users or guide them to take proper security measures leaving their customers and themselves absolutely unsecure.

Now lets check a few more options related to this issue. A bsnl broadband modem can be used in two modes. RFC Bridged mode and pppoe mode.

In the RFC Bridged mode the device behaves like a modem device that is attached to your computer and you use some dialup software to dial into the isp through this modem.This is PPPOE from the PC and the adsl device is a good modem. This mode is safer as the username password are on your pc and nothing is on the modem.

In the PPPOE mode the adsl device becomes a router - a distinct network device with many features enabled. In this mode the username password is stored in the modem which will dial to the isp and establish the internet connectivity. The computers will just connect to this router who would be their primary gateway. Now this is the mode where the risk exists.

If remote administration is enabled the remote users from the internet can login to this modems administration panel. Now the main problem is the default admin username-password which most users dont change due to ignorance. ?admin-admin? is pair that works in most cases giving you full access to the modems internals. What follows next is simple as drinking a glass of orange juice.

Many users install firewalls and think they are safe, but they fail to understand that the firewall protects their PC not the ?router? since the topology is like

(PC) -> router -> internet

So how should you secure yourself ?

1. Use RFC Bridged mode if it is sufficient for you.

2. Change the default admin password of your modem.

3. Disable wan ping reply . ( this will prevent the hackers from directly discovering your pc when it is on the internet)

4. Disable remote configuration feature.

5. Check your broadband usage on a regular basis and compare it with your own surfing schedules to check whether someone else has used it or not. If suspiscious usage is indicated then immediately change your bband password as well. Or a better suggestion will be to change broadband passwords on a regular basis.
6. Immediately change the default password provided by BSNL.
7. Make sure you also put in a password for the modem [important].
8. Make sure that password cannot be brute-forced easily.
9. Use a firewall make sure no unnecessary ports are open [especially the HTTP port (80)].
10. If you fell you are a victim of password theft, immediately change your account password and contact BSNL.
11. Best way is, to not have the password in the modem in the first place, use bridged mode to connect to the internet.

How to connect using bridged mode

1. Open you modem [http://192.168.1.1]
2. In WAN Settings ?> WAN Type ?>RFC2684Bridged
3. Connection Type ?> Pure Bridged
4. Save and Reboot.
5. Start ?> Control Panel ?> Network Connection
6. Create a new network connection ?> next
7. Connect to the Internet ?> next
8. Setup my connection manually ?> next
9. Connect using a broadband connection that requires a broadband ?> next
10. Put some ISP name ?> next
11. Put YOUR username and password ?> next ?> Finish

Now, turn on your modem wait until the LINK becomes a steady green color [MT880 and 82]. Now connect using the newly made connection.

Try to spread the security awareness to your friends and other relatives who are using Bsnl broadband and encourage them to secure their internet connectivity.
Regards,

Himanshu Sharma.

Ads