Possible ADSL Account Hijacking

[Coffee_Mug]

firstly, i'm not your dude.

secondly, you're right... i sit in a dark hole lecturing n00bs like 90% of the users on this forum on how things need to be done. everyday there is a similar post on here... i read it, laugh... express my sentiment, then get irritated because my opinion on the matter doesn't seem to compensate for the sorry end user whose account got capped by some individual that quite frankly doesn't give two sh1ts. i never pointed fingers directly at you... if thats what it felt, and i made u cry, then i humbly apologise. don't belittle me, it doesn't work.

 

[youradsl]

"Although I consider myself some what of a knowledgeable IT person, I didn't even think of my username and password being susceptible to hackers."

its not called hacking.

if you're ignorant, or just plain uninformed on the matter of changing your default router passwd then i believe u got what u deserved. exploiting stupidity isn't a crime.

Now this was a stupid comment if I ever saw one.

 

[Coffee_Mug]

yeah, i guess i dont have a heart

 

[MaD]

Indod - I hope you have changed your ISP account password as well?

 

[Indod]

Indod - I hope you have changed your ISP account password as well?

yip - and my username - "fool me once shame on you, fool me twice shame on me"
MaD - give me you opinion - just out of pure interest, who do you feel is to blame
Me?
My ISP?
Or the MODEM Manufacturer?
I just want to get peoples opinion on this topic, coffee_cup, i'm not looking for any vindication here.

 

[PostmanPot]

hey MaD, why does your website constantly refresh itself..?

annoying!

 

[Dave A]

Another suggestion that may help is if you don't use more than one connection on your account, ask your ISP to disable conncurrent connections. I do this, and leave my PC on day and night, permanently connected. After the 24 hour reset it automatically re-authenticates. This gives potential hackers only a 1-2 second window period per 24 hours where my account isn't active.

I like this!! Can only help.

What do most ISP's set as the default? Hopefully they don't allow concurrent connections without a specific (verified) request.

 

[Turbo_Aspiration]

How can it be ur ISPs fault? Its like sticking ur password on ur computer screen and blaming the admin for some1 "hacking" ur account

If u didnt know the router could be accessed from the outside, then u didnt know.. guess its a learning experience

 

[soup]

OK Indod, i think we found our guys here. Obviously it's just you and me that are stupid. Thanks to HighFlyer for your positive statement, in my experience some ISP's allow 4 connections, some allow 2, i guess you would have to ask to be switched on to a single connection.

The rest of you geniuses be cool, and thanks for the help.

 

[MaD]

MaD - give me you opinion - just out of pure interest, who do you feel is to blame
Me?
My ISP?
Or the MODEM Manufacturer?

IMO the onus should be on the modem manufacturer to have, as you log in to the admin page each time, a prompt warning you that your user/pass is still default. Red screen with lots of flashing will probably do it, and they could go a step further by warning you that the modem will take 10 seconds longer to get into the admin panel if your user/pass is still default... something like that.

A nice touch as well would be if the ISPs, in their first mail to customers who have obtained an account, put a sentence or two in bold writing pointing out the dangers of web-based admin panels on routers, and how with the exorbitant bandwidth prices in South Africa one could be out of pocket in no time at all if the user/pass is left at default.

Something like changing a default user/pass isn't instinct.. there are lots of other things one thinks about as well and I can guarantee you that *anyone* who is told about the dangers will change their user/pass as soon as they possibly could. No one would leave it on default if they knew what could happen.

So imo it's not the user's fault. If someone isn't made aware of something - how will they know what to look out for?

 

[skydog]

yip - and my username - "fool me once shame on you, fool me twice shame on me"
MaD - give me you opinion - just out of pure interest, who do you feel is to blame
Me?
My ISP?
Or the MODEM Manufacturer?
I just want to get peoples opinion on this topic, coffee_cup, i'm not looking for any vindication here.

People steal ADSL accounts - this is unethical and they should be to blame. It it wrong to steal, however i am not that naive.... it doesn't stop people from doing it.
I don't think anyone is really to blame. or everyone is to blame a bit.

I do think that it is the responsiblity of the end user to make sure they are secure, however for people new to computer and especilly in this case Broadband internet, it is very new and big world to them.

the problem starts with the manufacturer not having a setup that is more secure.... i think Billion has gone in the right direction with introducing and change password at first login.

another problem is general user education - you a step in the right direction telling people about your misfortune, but not sure if the MyADSL forum is the right place as it has been posted about before, but saying that i'm sure there are many new people to the forum that dont read previous posts.
Tech support people deal with dumb users / idiots whatever you want to call them and get very fustrated when dealing with these "dumb users" . I say dont take it out on this forum or other "dumb users" rather grab a six pack and drink and joke with techie friends about it. Half the reason why "dumb users" dont ask questions is that they made to feel stupid when asking the questions and so dont ask, and so they get dumber and the circle goes round......

The other thing is that there are "whitehat" hackers out there that are reay to say "hey dude, you got a problem there, suggest you fix it before someone finds it" but dont want say it incase the response is "so you were trying to hack me shame on you" and get bad atitude for the person becasue they were getting defense..... the guy was only trying to help.

too long a post... bad spelling and grammer... enough.. hope it puts a different angle on it.

 

[PostmanPot]

hey MaD, why does your website constantly refresh itself..?

annoying!

 

[-toady-]

msg for skydog....

hey there skydog

Thanx for the attempted Skype contact this morning. I forgot to let you know our mweb membership is now cancelled so mails can get me at my WT nick at either gmail or webmail
My old man was using the pc at the time an forgot to switch skype off soz man. Besides which tis a new toy we will have to learn about. i see from the Nortons firewall logs we took a hit just before and after your connection:

Details: Unused port blocking has blocked communications
Inbound TCP connection
Remote address,local service is (194.225.126.4,socks(1080))

Click on the address to trace the attacker
You can get detailed information about this attack at Symantec Security Response

I never bother with thundering after the attacker as this pc has been droned for years heheh...
o and skype popped up a window saying Skype unauthorised access so will have to add ure nick to the list? Stay safe

CacklinTard

 

[babagrr]

Hell, yeah, when ISP's were still interested in delivering service and not in how many calls they can take in the shortest time possible.

I use to work for one ISP and have been shown the door because I use to do exactly that.

I would rather spend 20 minutes on the phone, evaluating, educating and answering questions whereas my colleagues would take as many calls as possible, give bogus and useless info to clients just to get them off the line.

It wasn't unusual for me to hear a client starting the conversation with:

You! Are! The! 15th person! I'm! speaking! to!

I understand their plee and I seriously think that user's should force their ISP's to deliver actual technical support and not just lip-service.