WARNING TO ALL UNIFI USERS

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Networks and Broadband

Bump Topic Topic Closed RSS Feed

Outline · [ Standard ] · Linear+

Unifi WARNING TO ALL UNIFI USERS, Threat warning, read inside

views

iipohbee	May 29 2010, 12:28 PM Return to original view \| Post #1
On my way Senior Member 603 posts Joined: Dec 2008	QUOTE(Sting Ray @ May 29 2010, 10:07 AM) hi rizvanrp, under the secondary administrator account is there any option to allow VPN passthrough ? my wife's VPN connection problem is still not resolved and Unifi service centre didn't respond to my emails at all. Register an account with DynDNS, and let us see what you have there in your DLink router.
Card PM	Report Top Like Quote Reply

iipohbee	May 29 2010, 01:45 PM Return to original view \| Post #2
On my way Senior Member 603 posts Joined: Dec 2008	QUOTE(heizad @ May 29 2010, 01:36 PM) why is lan port 4 mapped to WAN 2? That port is used to connect with the IPTV STB. As you can see they have 2 WAN profiles created one for the dedicated IPTV using VLAN 600 and the first WAN profile is for your internet. With the new global admin account, you'll gain access to all these.You can assign more WAN profiles for each port as well if you wanted.
Card PM	Report Top Like Quote Reply

iipohbee	May 29 2010, 02:09 PM Return to original view \| Post #3
On my way Senior Member 603 posts Joined: Dec 2008	QUOTE(rizvanrp @ May 29 2010, 01:48 PM) It's bad in this case because the router runs BusyBox. You can sniff the traffic running on other people's home networks.. and since the router runs an SSH daemon (dropbear), you can use it to setup an open/closed SOCKS proxy on their routers and forward data through their connections. Not to mention these are high speed 5-20mbps links.. If I compromised all those nodes I would have 3Gbps of bandwidth at minimum to use as a botnet (assuming everyone is on 5mbps at the very least). Well Rizvanrp, how did you know they did not exploited the backdoor from day 1 in the first place? The existence of a botnet within TM's network has been known since Streamyx time with DPI tracking technologies such as Phorm,121media as such. It's true that there's something going on behind TM's network. When doing secure transactions such as online payment as such I still feel safer using other prepaid isps such as Umobile, Jaring, DiGi Broadband or even Maxis.
Card PM	Report Top Like Quote Reply

iipohbee	May 29 2010, 02:32 PM Return to original view \| Post #4
On my way Senior Member 603 posts Joined: Dec 2008	QUOTE(rizvanrp @ May 29 2010, 02:21 PM) @iipohbee I don't think they would need to since they're the ISP.. they have logs on their side. But honestly, this is a bad case security through obscurity. You tell all your customers there's only 1 user/pass to access the router, you tell all your technicians who install for the customers the same thing (even those who are doing Unifibiz installs).. then it turns out there's a second user/pass combo and this user/pass has a higher access level. At least I found this <2 months into the launch and people will be aware of this now. I actually just thought of leaving it be because it would be too much trouble to fix.. but I'm not the only guy who's decent with security/networking here and if this came out once Unifi's as popular as Streamyx .. good f-ing game sir. I actually hate this more than when they were throttling BT. At least with a BT throttle my home network is still secure. Not to mention they had me running around like a dog trying to find a way to let people use their own routers when it was possible all along. I honestly don't know what the hell was running through the minds of the people who set this up. Yes they do have logs on their side but they needed tools to dig further and understand the behaviors of their users. They could use this to clear up logs in your modem, clean out evidences and take control of your usage. I guess this idea was thought by one of their planning R&D team for pre-emptive measures. Those who have access to their DPI servers.
Card PM	Report Top Like Quote Reply

iipohbee	May 29 2010, 09:29 PM Return to original view \| Post #5
On my way Senior Member 603 posts Joined: Dec 2008	QUOTE(rizvanrp @ May 29 2010, 09:20 PM) Sorry I forgot to add this in, Unifi's main VLAN has no caps on it. Every user is capped at the account level only. This means if a 5mbps breaks into a 20mbps users router and takes his user/pass, he will get 20mbps at home. Nice job TM Since you're going to be implementing an account cap, I can't imagine what people would do to get past it Unfortunately the Dlink DIR-615 doesn't have gigabit ethernet ports.Else this would mean havoc! But you can still assign multiple 20M accounts to each port or maybe choose to watch IPTV channels in different rooms at home. Dedicated 20M for each computer You have 4 ports to play with
Card PM	Report Top Like Quote Reply

« Next Oldest · Networks and Broadband · Next Newest »

Topic ClosedOptions

Change to:

0.0240sec

0.36

7 queries

GZIP Disabled
Time is now: 30th November 2025 - 04:39 PM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.