hey has anyone else seen this? was in my mailbox this evening. we all
know there are simply things we can make our routers more secure. does
anyone know if this is legitimate or someone;s idea of a scaremongering
hoax? cheers, Zsolt

-----Original Message-----
From: File-IT Software Productions Ltd [mailto:file-it@ihug.co.nz]
Sent: Wednesday, 19 June 2002 01:25
To: file-it@ihug.co.nz
Subject: Your Jetstream/ADSL connection is NOT secure

Hi there,
I feel it is appropriate to inform you that your Jetstream/ADSL
connection is not secure. Let me give you an overview of the security
problem;

As you should know, your adsl modem/router has a webpage type
configurable screen this is accessable from your local network by typing
something such as http://192.168.1.1 in your browser, where the
192.168.1.1 is the IP address of your router on your local network.

You have been sent this message because we HAVE been able to connect to
your modem from an external connection and view ALL of the configuration
information on your modem. This includes the login/password your modem
uses to connect to the internet. In almost all cases, this
login/password combination would also be the same as your isp's POP3
email password. This could allow a spammer to send email from your
email account!

Fortunately, we are on your side. We found out about this problem
first, and we are not going to take advantage. And we certainly do not
want hackers to be able to take advantage of you.

If you do not believe us about this problem, send us an email to
file-it@ihug.co.nz and we will gladly email you back a copy of your
modems configuration settings. This is a real problem, with very real
consequences!

Also, in most cases, the adsl modems also allow a 'telnet redirection'
which could allow a hacker to connect to your modem, then connect
through yours, to a number of other modems, then perform anythign they
want almost untraceable. A hacker with New Zealand only internet
access, or to minimize their international downloads, set up a 'port
rediraction' allowing them to download large amounts of data via your
connection. If this were to happen, you could be paying a large fee for
internet traffic you didn't use!

Obviously the possible ways that a hacker could take advantage of this
problem are limited only by their imagination.

You are not alone in this security issue. As of today, there are almost
500 New Zealand users affected by this security problem.

This problem has not been publicly released. Please do not report this
problem yet, hackers use the media everyday to find out about new
problems and take advantage of them before they are patched up. By
informing the media, you will be putting at least another 500 users in
the same boat as you at risk. Once this number has reduced to
manageable numbers, I will then inform the media of the issue.

How to fix this problem:
Change all passwords to access the configuration mode of your modem -
Note that some modems have separate http and telnet administration
passwords
Change your internet access password
Turn off the option for your modem to allow 'external administration'

How can I help you?
If you are unsure of how to change these passwords, we can do this for
you for a small fee.
Once you have fixed the problem, we can test it to make sure it is
corrected for a small fee.
In case you didn't already know, I have already helped you immensely by
informing you of this problem!

What will this cost?
If you require our assistance to help you change these passwords, or to
do a post-fix test, we will charge you NZ$45 + gst for the service -
This price includes both services. We found out about this problem
first, we are the best people to fix the problem for you. In almost all
cases, we have a less than a day turnaround so by tomorrow you can be
assured you will not be at risk!

One last note:
This email was sent to you unsolicited, however we feel that we have a
very good reason to send this message. If you are unhappy about
receiving this message, we are sorry, but please, fix the problem now as
we will inform the media within 7 to 10 days

Although we gained access to your modem/router, at no time were we
trying to gain access for illegal purposes, we did this for your own
gain. You should note though that if we can do this, there must be some
hackers who have already done it too and you may just be their next
target!

What should you do once you have fixed the problem?
The best thing you can do is inform us that you have by email. We will
be keeping track of numbers fixed and will inform the media soon
Thank us :)

I hope this information is of great use to you

- John Burns
file-it@ihug.co.nz

-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message