The other day I read that Comcast is launching a new plan to turn home internet users into unwilling participants in their new global wifi strategy. I'm sure that they will soon be touting how insanely awesome it will be to get "full strength" internet access virtually anywhere just by subscribing to this service. Other than the issues with taking a service that the consumer already pays for and carving out their bandwidth for other people, the security practitioner in me can't help but wonder what the security ramifications of sharing an internet connection like this actually means. Combine this with the default access to your cable modem that your service provider already has, and it paints a very scary picture of network security for the home user. It is no longer sufficient (if it ever was) to rely on your cable modem for network access controls. Thus, I am advocating in favor of placing a personal firewall between your cable modem and your network for all home internet setups.
Now, it's not as bad as you may think. It doesn't have to be some crazy expensive piece of equipment like you'd purchase for a business. Even the basic home gateways come with the ability to do Network Address Translation (NAT) which effectively turns your internet connection into a one-way pipe. All I'm saying is that instead of plugging your network devices directly into the cable modem for Internet access, you should use your own hardware and draw a clear "line in the sand" between your equipment and theirs. In addition, I would advocate that you should no longer consider the wifi access provided by the cable modem device as safe and should use your own equipment for this access. In other words, treat anything on the WAN side of your home gateway/personal firewall as untrusted and protect against it accordingly.
This post is going to be short and sweet as it's something I meant to put up here when I found it sometime back in mid-2011. I'm not even sure if Time Warner is still using these Ubee cable modems for their RoadRunner offering, but I'm sure that there are at least a few people out there who still have them. When you get the modem installed initially, they give you some default credentials. Something like user/user or admin/admin. Using these credentials, you are able to access the device and many of the features that it has to offer you. What you are not able to do is access the menus where you can change how the router is actually configured for internet access, change the master password, or prevent Time Warner from accessing your modem, and subsequently, your network. To fix this, you just need to know the following secret...
The real administrator username that comes configured on these modems when you get them from Time Warner is the last eight digits of the unit's MAC address sans the colons separating out the values. This is unique to your device, but can be found pretty easily by looking at the user interface that you do have access to. The password for this user is "c0nf1gur3m3". Use that and you should be in. Feel free to change the password while you're in there to keep the Time Warner folks out.
One other kinda secret thing to note is that if you do want to change how the router is configured for internet access, you will need to go to http://192.168.0.1/TlModeChange.asp on your router to do so. Once there, you can change it to Bridge mode, NAT mode, Router mode, or NAT Router mode depending on what you are looking to do with it. Hope you enjoyed this simple solution for getting the real administrator access to Time Warner RoadRunner's Ubee cable modem.
***Update: If the above isn't working for you on Time Warner Cable, try one of these suggestions from the comments:
- Username: admin / Password: cableroot
- Username: technician / Password: C0nf1gur3Ubee#
- Username: admin / Password: C0nf1gur3Ubee#
I was having lunch with Charles Henderson from Trustwave Spider Labs the other day and he mentioned that he had just gotten signed up with the new Roadrunner Extreme Broadband Beta from Time Warner Cable. He mentioned insane download and upload speeds as well as the new DOCSIS 3.0 compliant modem. It was enough to pique my interest and get me to call Time Warner.
I have been on the older Roadrunner Turbo-charged plan since basically when it first came out and have been generally happy with the service up until recently when I've started having to reboot the modem daily. I'm also kind of an internet speed addict so the idea of moving up to 20 MB/s downloads and 5 MB/s uploads was pretty sweet to me. That's just to start with as eventually the service will have 30 MB/s downloads. I called up Time Warner and asked what it would take to move onto the Extreme Broadband Beta and they told me that it was only an extra $5/mo over my Turbo-charged plan. Even better was that they were offering free installation as part of the Beta. They were able to get the install scheduled just over a week out. Not too bad.
The service technicians came out on the designated day and time and got everything hooked up for me. They even replaced a bunch of the wiring on the box on the side of the house where the service connects to. They did some line tests and within minutes I was up and running on the new service. While not the 5 MB/s upload that was advertised to me, the download speed is quite impressive. Check it out:
The other cool thing is that while not necessarily intended, it is very easy to get into the new ubee modem's configuration interface. By default, the device comes up as 192.168.0.1 on your network and has a username and password of user/user. Get in there and it's got all of the configuration options of a wireless internet gateway. The first thing that you should do is change the username and password. After that, enable the wireless network, configure port forwarding, etc.
Not only does the new modem have built-in wireless N, but it also has four additional network ports so you can use it with multiple computers on your network. I remember the days when Time Warner used to charge you if you had more than one computer, but not anymore.
Granted, I've only had the new service for a few hours now, but I'm already pretty impressed. If you're an internet speed demon like me, and you live in the Austin area, I'd recommend that you give Time Warner a call and ask about switching over to the new Roadrunner Extreme Broadband Beta. Enjoy!
As I'm preparing to take my trip to New York for the OWASP AppSec Conference, I came across a timely article on the risks involved with using a hotel network. The Center for Hospitality Research at Cornell University surveyed 147 hotels and then conducted on-site vulnerability testing at 50 of those hotels. Approximately 20% of those hotels still run basic ethernet hub-type networks and almost 93% offer wireless. Only six of the 39 hotels that had WiFi networks were using encryption (see my blog on why are people still using WEP for why this is necessary). What does this mean for you, Joe User? It means that both your personal and company information is at risk any time you connect to those networks. The next time you're surfing the web, start paying attention to all of the non-SSL links (http:// versus https://) that you visit. Then, think about the information that you are passing along to those sites. Are you signing in with a user name and password? Entering credit card information? Whatever it is, you better make sure that it's something that you wouldn't feel bad if it wound up on a billboard in Times Square, because that's about how risky your trasmission could be.
Before you get too concerned, there are a few things you can do to try to prevent this. First, DO NOT visit any links where you transmit information unencrypted. This is just asking for trouble. Since many man-in-the-middle type attacks can still be used to exploit this, my second suggestion is to use some sort of VPN tunnel. Whether it's a corporate VPN or just a freebie software VPN to your network back home, this allows you to encrypt all traffic over the untrusted hotel network. Make this your standard operating procedure anytime you connect to an untrusted network (not just a hotel) and you should keep your data much safer. Lastly, please be sure to have current firewall and anti-virus software on the computer you are using to connect to the untrusted network. The last thing you want is to get infected by some worm or virus just by plugging in to the network.
One other thing that I think that deserves mentioning here is that if you don't absolutely have to use the internet on an untrusted network, then don't do it. Obviously, there are times when you need access to do work, pay bills, etc, but if you can save those tasks until you reach a more familiar (and hopefully safer) network, that is far and away the best way to keep yourself and your data safe.
Wireless internet access is everywhere these days. Everyone from restaurants and bars to the average Joe Homeowner has some sort of wifi network set up. The problem is that they set up these networks without giving security a second thought (or even a first thought in most cases). I was at the TRISC conference last month and heard SimpleNomad say that he doesn't pay for internet access anywhere any more because there's always an unsecured or poorly secured wireless network wherever he goes. Lately, I've been testing that and he's absolutely right. I'm the only person on my block not running either an open network or a WEP "protected" network. I was even at a local hospital the other day and their "secure" internal network was using WEP.
For those of you just catching up, WEP is an almost 10 year old wireless protocol whose intent was to encrypt your wireless transmissions. The problem is that WEP uses a user-defined key along with an "initialization vector" (IV) to generate the RC4 traffic key used to encrypt your data. If I can gather enough of these IV's, then I can figure out what the key is and your network is now pwned. I can speed up this process by injecting my own packets and I can get your key in under 3 minutes. How's that for security?
So, why is anyone still using WEP? It was deprecated as a wireless privacy mechanism back in 2004. It is easily cracked and provides slightly more security than running an open wireless network. All that and when you buy a new wireless router it's most likely still pre-configured with WEP enabled. On some of these older models better encryption standards such as WPA or WPA2 aren't even options. With much of the wireless network setup falling into the hands of novice users, some of the responsibility lies with the router manufacturers for even allowing them to use WEP. The rest, in my opinion, is on the users themselves, who put up these networks without being educated enough to do so. You wouldn't put a door on your home without making sure the locks worked, would you? How about buying a car where everyone with that model vehicle had your same key? I think you get the picture.