[TriLUG] Vulnerability on Uverse

Wes Garrison via TriLUG trilug at trilug.org
Tue Nov 17 12:23:29 EST 2015


Actually since AT&T switched to ADSL2+ (they call it "IPDSL"), VDSL, and
FTTH, they are using 802.1x authentication using an x.509 certificate.

The certificate is stored in each modem/router's firmware, and I believe it
is device-specific.

Some have gotten around this problem with devices with a "broadband"
Ethernet port (such as the Arris "NVG" series) by using a 3rd party DSL
modem and plugging the AT&T modem's broadband port into the 3rd party modem.

I would be interested in knowing if someone with the correct skillset could
extract the x.509 certificate using the JTAG port.

Most routers can authenticate using 802.1x.

Anyone up for it?  I've got a few AT&T routers to play with !

-Wes

_________________________________
Wesley S. Garrison
Network Engineer
Xitech Communications, Inc.
phone:  (919) 260-0803
pager:   (919) 869-1744
fax:       (919) 932-5051
__________________________________
"Lead us not into temptation, but deliver us from email."

On Tue, Nov 17, 2015 at 12:15 PM, Craig Cook via TriLUG <trilug at trilug.org>
wrote:

> >At&t says their gateways don't offer a bridging mode.
> >I would suspect a firmware update from the manufacturer would have to
> >be installed by AT&T.
> >At&t has not offered to update the gateway and basically says all of
> >their gateway models would have the same port open.
>
> AT&T told me there is a SSL cert installed on their modems.  You can't
> replace them with something else that is not provided by them.I could not
> put a firewall is pass through mode in front of their modem.If they will
> not update the firmware I suggest you look at a different internet
> provider, or a different way to accept credit cards.
>
> Craig
>
> --
> This message was sent to: Wes <wes at xitechusa.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> http://www.trilug.org/mailman/options/trilug/wes%40xitechusa.com
> Welcome to TriLUG: http://trilug.org/welcome
>


More information about the TriLUG mailing list