nanog mailing list archives

Re: Comcast storing WiFi passwords in cleartext?

From: Stephen Satchell <list () satchell net>
Date: Wed, 24 Apr 2019 08:49:49 -0700

On 4/24/19 7:24 AM, Tom Beecher wrote:

This is why, in my opinion, people should avoid modem/router combo units
whenever possible. Any information/configuration entered into such a device
could be accessible to the MSO (intentionally or otherwise) , as is
happening here. I'm sure they would come back and say this is necessary to
provide support for customers who pay them for WiFi service, but it clearly
shows they don't turn off that functionality for customers who don't.

Treat you cable modems as foreign network elements. Cause that's what they
are.


+1.  Encountered this with an AT&T install.  AT&T provided router/wifi
combo.  After the installer was done, first thing I did was to turn the
combo's wifi off, and hook up the access point the customer has been
using for years.  Verified that the MAC filtering was still correct
during the post-install.  Customer is happy.

The next step is to build a Protectli firewall to go between the AT&T
modem and the access point.  Block any chance of AT&T using SNMP to
sniff the access point.  (Moved the Access Point's IP address for
management and gateway, too.)

Current thread:

Re: Comcast storing WiFi passwords in cleartext?, (continued)
- - - Re: Comcast storing WiFi passwords in cleartext? Peter Beckman (Apr 23)
    - Re: Comcast storing WiFi passwords in cleartext? Peter Beckman (Apr 23)
    - Re: Comcast storing WiFi passwords in cleartext? Christopher Morrow (Apr 23)
    - Re: Comcast storing WiFi passwords in cleartext? Randy Bush (Apr 24)
    - RE: Comcast storing WiFi passwords in cleartext? Luke Guillory (Apr 23)
    - Re: Comcast storing WiFi passwords in cleartext? K. Scott Helms (Apr 24)
    - Re: Comcast storing WiFi passwords in cleartext? Matt Hoppes (Apr 24)
    - RE: Comcast storing WiFi passwords in cleartext? Luke Guillory (Apr 24)
    - Re: Comcast storing WiFi passwords in cleartext? Töma Gavrichenkov (Apr 24)
    - Re: Comcast storing WiFi passwords in cleartext? Tom Beecher (Apr 24)
    - Re: Comcast storing WiFi passwords in cleartext? Stephen Satchell (Apr 24)
    - Re: Comcast storing WiFi passwords in cleartext? Sean Figgins (Apr 24)
- Re: Comcast storing WiFi passwords in cleartext? Yang Yu (Apr 23)
- Re: Comcast storing WiFi passwords in cleartext? Brandon Jackson via NANOG (Apr 24)
  - Re: Comcast storing WiFi passwords in cleartext? Aaron C. de Bruyn via NANOG (Apr 24)
  - Message not available
    - Re: Comcast storing WiFi passwords in cleartext? Brandon Jackson via NANOG (Apr 25)
- Re: Comcast storing WiFi passwords in cleartext? Benjamin Sisco (Apr 24)
  - Re: Comcast storing WiFi passwords in cleartext? Seth Mattinen (Apr 24)
    - RE: Comcast storing WiFi passwords in cleartext? Benjamin Sisco (Apr 25)
    - Re: Comcast storing WiFi passwords in cleartext? K. Scott Helms (Apr 25)
    - Re: Comcast storing WiFi passwords in cleartext? Doug Barton (Apr 25)

(Thread continues...)