HELP WITH BLOCKING PCs ON HOME NETWORK

TonyA

Hi all,

I have a TP LINK 1043ND connected to a Billion 4202G in my home network. 2 laptops connect by wireless and 2 PCs are hard wired to the TP LINK router. The Billion is connected to the TP Link via WAN connection and only provides ADSL access. The Billion is set up as the DHCP server and the TP Link provides the addresses for all PCs on the network. The network works well and there are no problems.

What I want to do is set up a rule blocking the other PCs from using the internet at set times. I've read the manual and help sections countless times and they don't make sense.

Is there anyone who has experience with TP Link settings who can help please!
 
You need to go to 'Access Control Rule Management' in the router's CPL > Add New. (Page 65 of the manual I have)

There you can assign rules - you would want to set 'target' to 'any target' and then 'add a new schedule' with the times you want to cut them off. To get the MAC address of the particular PC you are blocking, select their network adapter and select 'status' > 'details' - you will see the physical (MAC) address listed there.
 
Ok Thanks, does that mean I can block them at any time by invoking the rule? Get very confused with host and target! :)
 
Block MAC addresses on your Billion modem; my Billion modem has got some time intervals to choose to block. Block both from Wi-Fi and LAN.
 
Anyone that has a TP Link ADSL router burn it. It shows your ADSL account and password in clear text when you telnet to it.

If you don't understand what I am saying here let me put it like this.

A TP Link by default has TCP port 23 (Telnet) and TCP port 80 (HTTP) open and the default username and password is admin and admin.... or some dumb people use admin and 1234.... thus to hijack hundreds of ADSL accounts it's very easy when people are using TP Link chipset ADSL routers. When you log in via telnet you go to the pppoe username details and just below it is the password. I am studying for my CEH and did some self study and found more than 50 accounts in 1 day. Please throw your ADSL TP Link router away and go buy a nice Netgear.
 
I understand where you’re trying to go with this but what you’ve posted isn’t quite accurate, you’ve omitted fairly key points!

Yes, a TP-LINK by default has port 23 and port 80 open on the LAN port but by default it's not open to access from the WAN port, this can be enabled as it can be on most ADSL routers including Netgear and yes if the default username and password were left unchanged with remote access enabled it would pose a serious security risk, a risk exclusive to TP-LINK? No, not at all, ANY mainstream ADSL router that has remote access or remote support enabled with default username and password would be vulnerable and you would be able to access all of the information on the router regardless of brand!

Yes, default username and password is admin:admin but don’t 99% of networking products on the market have this default username / password? It’s common knowledge that you'll get a list of default username / passwords off the internet in a matter of minutes, a clever guy like you studying your CEH would then probably be able to write a pretty nifty script that scans the ADSL subnet attempting to log into ADSL routers with these default credentials logging successful attempts to a log file for later manipulation, I honestly believe that what you’d find from something like this would not be a particular brand standing out as being most vulnerable but rather poorly secured or configured devices across a multitude of vendor platforms as a result of a poorly configured device.

By default, TP-LINK devices as well as Netgear, SMC, D-LINK, Billion etc… will have most security settings disabled out of the box, the reason is so that initial configuration is not complicated, I agree to leave any network device on a public network with this default configuration is a bit silly and would most likely see your device and possibly your network compromised but it's unfair to blame the manufacturer for this, it's probably fair in a case like this to blame the individual who configured the unit no?

There’s no such thing as a TP-LINK chipset, their ADSL routers (like most ADSL routers) use either Broadcom or Trendchip chipsets.
 
I prefer to use Smoothwall to control my adsl connection.

I have never fallen foul of stolen adsl credentials.
 
.. the chipset used by TP-LINK ADSL routers is insecure and is the same as in some Edimax ADSL routers. The accounts below prove my point. I have added an (X) so that the accounts can't be used. Also, you can telnet to 196.210.228.181 and see for yourself.

I have hundreds more. You are missing the bloody point bud. ADSL ACCOUNT INFO IN CLEAR TEXT xD It's not the Broadcom chipsets :P There are a number of ways of gaining access to a home network, but yeah, if you don't mind a router that keeps passwords in clear text, go for it.
 
You are talking out your a$$.... anyways.. the chipset used by TP-LINK ADSL routers is insecure and is the same as in some Edimax ADSL routers. The accounts below prove my point. I have added an (X) so that the accounts can't be used. Also, you can telnet to 196.210.228.181 and see for yourself.

What does the chipset have to do with the device security? Surely this is decided by the O/S or Firmware and not the chipset!

I still fail to see how this "proves" your point, if remote access is enabled then yes I agree with you the device is vulnerable but once again this is not vendor specific and any device regardless of who manufactured it would be vulnerable if this was enabled all of which I said in my previous post!!!!!

I'd like comments from other forum members on this because I really don't agree with your comments and think that maybe you're the one talking from the wrong end.
 
OK, download a free port scanner... the radmin one works great. Scan your own ADSL address block, say 1000 IPs. Scan for port 23 only.... not even port 80.

With most electronics these days there are only a limited number of companies creating these chips. Thus each vendor creates his own firmware running on it. Huawei uses the same tc chipset, but has updated their firmware not to show the clear text passwords.

Most ADSL routers do not allow remote access via public IPs, but for some reason the number of TP-LINK, Edimax, Huawei and Zyxel ADSL routers having port 23 open indicates that there is a link with some vendors or chipset allowing by default port 23 access from public IPs.
 
I was convinced that what you're saying is not true so we've just tested this at our offices now to prove the point....

We took a brand new out the box TP-LINK, set it up leaving EVERYTHING set to default only putting in the ADSL credentials, connected it to the internet and not only were we unable to telnet to it but we couldn't even ping the device unless we manually went and made rules in the ACL to allow ping and telnet on the WAN interface!

I get the point you're making, really I do but you seem to be missing my point, from your posts, you're insinuating that TP-LINK is an inferior brand with potential security risks that other brands do not have and this is completely inaccurate.

A defaulted TP-LINK ADSL router or modem will not allow incoming remote access via the WAN port unless the user enables this, if he does this and has the default username / password then obviously a would-be hacker can get into the device but that's not because it's a TP-LINK, it's because security has been completely (and manually) turned off and you would have exactly the same risk with any other brand.
 
I agree with you 100%
It doesn't make sense that it would enable telnet or HTTP/S management on the outside by default.

It does make sense that it will do that by default on the inside.

Whilst it is pretty stupid for the device to store usernames and passwords in plain text, there is no real risk unless the owner specifically allows management from the WAN port, or has very weak encryption/passwords on the wireless.

As for the original request, I would suggest creating an allow rule specifically for your MAC and the PCs you want to work permanently, and then having a deny any rule.

Use the deny all under your specific allow rule, and put that on a time base.
I think this might make things more manageable.
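
The allow-first, timed deny-any layout suggested in the last post, modelled as an added example (not part of the thread and not TP-LINK firmware code). It assumes rules are evaluated top-down with the first match winning; `Rule`, `Schedule`, `decide` and the MAC addresses are hypothetical names and constructed values.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional

def norm_mac(mac: str) -> str:
    """Normalise 'AA-BB-CC-..' or 'aa:bb:cc:..' to lowercase colon form."""
    digits = mac.replace("-", "").replace(":", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

@dataclass(frozen=True)
class Schedule:
    start: time
    end: time

    def active(self, now: time) -> bool:
        if self.start <= self.end:
            return self.start <= now < self.end
        # Window wraps past midnight, e.g. 21:00 -> 06:00.
        return now >= self.start or now < self.end

@dataclass(frozen=True)
class Rule:
    action: str                           # "allow" or "deny"
    host: Optional[str] = None            # MAC address, None = any host
    schedule: Optional[Schedule] = None   # None = always in force

    def matches(self, mac: str, now: time) -> bool:
        if self.host is not None and norm_mac(self.host) != mac:
            return False
        return self.schedule is None or self.schedule.active(now)

def decide(rules, mac: str, now: time, default: str = "allow") -> str:
    """Return the action of the first matching rule (assumed first-match model)."""
    mac = norm_mac(mac)
    for rule in rules:
        if rule.matches(mac, now):
            return rule.action
    return default

# Constructed sample addresses (locally administered range), not from the thread.
OWNER_PC = "02-00-00-00-00-01"
OTHER_PC = "02:00:00:00:00:02"
RULES = [
    Rule("allow", host=OWNER_PC),                              # permanent allow first
    Rule("deny", schedule=Schedule(time(21, 0), time(6, 0))),  # timed deny-any below it
]
```

Swapping the two rules blocks the owner's PC during the window as well, which is why the permanent allow has to sit above the deny. A MAC rule identifies a device only by an address the device itself reports, so this is a household convenience rather than a hard control.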
 