nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ISP data collection from home routers

From: Christopher Morrow <morrowc.lists () gmail com>
Date: Thu, 24 Mar 2022 10:54:36 -0400
On Thu, Mar 24, 2022 at 10:04 AM Giovane C. M. Moura via NANOG <
nanog () nanog org> wrote:




Who cares about the SSID???


I don't remember the data model, but I remember that they retrieved data
very often, multiple times a minute.



Please keep in mind that TR-069 (which in all likelihood is how the data
you remember captured was captured) provides
raw packet access to the customer side of the device.

yes, this is a problem, yes it's certainly been/being abused.
Yes the protocol is garbage and implementations are also garbage :(
see the, at least 1, blackhat/defcon presentations about TR-069 problems.

https://www.youtube.com/watch?v=XXhV7zpc6m8
https://www.geekzone.co.nz/forums.asp?forumid=49&topicid=214760&page_no=5
https://www.blackhatethicalhacking.com/news/multiple-backdoors-and-vulnerabilities-discovered-in-fiberhome-routers/

there's really no reason at all to have this exposed as it is :(
Previous By Date Next
Previous By Thread Next

Current thread: