Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Security, GPL and Corporates

Anonymous Coward writes | more than 5 years ago

Programming 0

An anonymous reader writes "Recently I received an ADSL modem from my landline provider, I have plugged it in and began exploring what it was capable of doing.
I have found out that under it's default configuration it has more security holes than a Swiss cheese, wireless is active, receives configuration updates from a TR-069 server, UPNP is active, it also has some preconfigured bridges to some unknown preconfigured VPI,VCI and an open TCP port (besides the one that is used from UPNP) that peeked my interest.
Some of the holes that were discovered were plugged but I didn't find a way to close the open port.
I also heard some stories that the landline provider has remotely connected to some users and has fixed their modem issues although it is a great thing I prefer to do it myself and consider it a security risk.
Digging around I found out that it contains Linux kernel and what appears to be a crippled BusyBox, so I contacted my landline provider and have asked him to provide the source code for the GPLed software so I could find out the process that keeps the port open and kill it, they refused.
I am a fan of Linux and personally use it, I have notified the author of the busybox of the apparent violation but my main concern is the possible security holes in the device.
Any idea on what can be done in order to secure it?"

cancel ×


Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>