Dear Mauritius Telecom,

I have been a pretty happy customer of your company for several years now. Besides the phone line, I also had the ADSL 512, which got upgraded to ADSL 1M, and I now have Fiber at Home. I am satisfied with the speed bumps, with the bonus that I was upgraded automatically and thus with no extra fee on my subscription. For that, a very low bow of thanks. Furthermore, your FTTH landing page said that Fiber would be deployed in 2018 in L’Escalier, but I got it in August ’17. 🙂

But the same Fiber deployment, widely accepted by the public as an ouf de soulagement, is now raising some eyebrows regarding the security flaws detected in the routers. You may have heard/read about them, but for the record I’ll link them below:

It’s been a long time since I’ve posted to my blog, and this one will be a short post.

So, as the title says, this post is about what we can call security flaws in the new FTTH modems deployed by MT in its fiber coverage project. I stumbled across them through a podcast by Hackers.mu, a Mauritian group with technical abilities working towards Internet Security and Awareness. You can watch it here.

The modems are from Huawei, precisely the Huawei HG8245H.

Apart from the default username and password given to all modems (the telecomadmin account), it seems that the telnet connection also has a default password.

Telnet, in simple words, is an unencrypted command-line interface you use to connect to a device and communicate with it to get information, set parameters and the like.

So, apart from the usual Web Interface, the geeks and tech enthusiasts out there can connect to the modem and configure it from the command line, using Terminal on Linux/Unix boxes or PuTTY on Windows machines. But not only you: anybody on your network can do it, and, if they are clever enough, people from outside your network too.

Well, I will not enumerate the endless things that ill-intentioned people can do with your modem under your command. DO NOT FORGET THAT YOUR TELEPHONE LINE IS NOW CONNECTED DIRECTLY TO YOUR MODEM (understand unsolicited premium international calls or 303-Bolom-Noel calls [did many of those long ago 😛]). To save you from mishaps:

  • First, change the default login password to the Web User interface by going to http://192.168.100.1 . Log in and navigate to System Tools > Modify Login Password and set a hard-to-guess, easy-to-remember password. (Please do not forget or lose it, as it may be a hassle to get it back. Plus, you will need it when MT guys show up for some repair or service.)
  • Next, disable the telnet service by going to Security > ONT Access Control Configuration and UNTICK the ENABLE THE LAN-SIDE PC TO ACCESS THE ONT THROUGH TELNET.
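To confirm that the second step took effect, you can test from a PC on your own network whether the modem still answers on telnet. The script below is an added example, not part of the original post; it assumes telnet runs on the standard port 23 (the post does not state the port), and the function names are made up for this illustration.

```python
import socket

ONT_HOST = "192.168.100.1"   # modem address given in the steps above
TELNET_PORT = 23             # assumption: standard telnet port, not stated in the post
IAC = 0xFF                   # telnet "Interpret As Command" byte that opens negotiation


def probe_telnet(host=ONT_HOST, port=TELNET_PORT, timeout=3.0):
    """Return 'closed', 'filtered', 'open' or 'open-telnet' for host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed"        # device refused the connection: nothing is listening
    except OSError:
        return "filtered"      # timeout or unreachable: dropped, or no device there
    with sock:
        sock.settimeout(timeout)
        try:
            first = sock.recv(64)
        except OSError:
            first = b""        # port accepted the connection but sent nothing in time
        # A telnet daemon normally speaks first, starting with an IAC byte.
        if first[:1] == bytes([IAC]):
            return "open-telnet"
        return "open"


def verdict(state):
    """Translate the probe result into what to do next."""
    if state in ("closed", "filtered"):
        return "OK: telnet is not reachable from this PC"
    return "ACTION: telnet still answers; untick the LAN-side telnet option and re-test"


if __name__ == "__main__":
    state = probe_telnet()
    print(f"{ONT_HOST}:{TELNET_PORT} -> {state}")
    print(verdict(state))
```

This only checks the LAN side, from the PC it runs on; it says nothing about whether the modem is reachable from outside your network.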

That’s not all of the vulnerabilities, but this should get you started on being better protected.

I wrote an open letter to Mauritius Telecom with solutions on how to counter the flaws. You can read it here: 

http://irshaad.me/wp/open-letter-to-mauritius-telecom/

That’s it for now, friends. More blog posts with awesome stuff coming soon!!

By the way, I really like the FTTH service by MT, the step taken to provide better Internet Connectivity. Not enough, but a good leap forward. Thanks, MT.

Brief Update #1 – 17 Oct 17 – 00:00 GMT+4

There are two accounts (or maybe more) on the routers provided by MT: one with the username root and the other telecomadmin. The root one is just a customer User Interface with limited options, but the telecomadmin one has the features mentioned above. So make sure you get both of their passwords secured.

 

Till then,

Irshaad

 


 

Image courtesy of huawei.com