Taking back the control of your router

[viking60]

One major ISP in Scandinavia Nextgentel has sent out a new router replacing my old one (Well I did it - but they did send the router ) Everything is supposed to be better with it, mostly my phone system. And it pretty much is The setup was a walk in the park, and I even could eliminate one box becaus telephone and Data are integrated in my new and shiny Thompson TG789vn thus removing a lot of cable "salad".

The only trouble is... I had to use this sticker to find "my" cryptic username I only had to remove the "thompson" in front of a cryptic combination of letters and numbers. And a password was 8 numbers but I had to remember to remove the "-" between the numbers.

Okydoky it did work, but then you are auto logged out and then you have to remember that ID and password again or find the note etc.....

Easy I thought I only have to add another user in the router so I danced away to my http://10.0.0.1 that brings up the webpanel to change the important stuff.
And guess what? The ISP had set this username and password and shut me out as a root user! There was an information under configuration that the service name was modified by user - but that was not me. So I call my ISP and claim that when I pay for the goods then they should have to call me to get access to my private network - and not the other way arround So could I please change the username?

And then the usual there are no guarantees and it is not possible and we do not support.....bla bla The thing is; the router they replaced had that function! So they changed it and did not inform about it - and me being somewhat aware of privacy issues - shared that sentiment with them

So what to do?
Install heimdal-telnet or some telnet.
in a terminal telnet into 10.0.0.1

Code: Select all

telnet 10.0.0.1

Add that horrible ID and password that has been provided for you.
You will get that Ascii art Thompson welcome and a prompt beneath it:

It could look something like this:
{6E2C88}=>
(Where 6E2C88 is your userid in this case)
And now we start by deleting all users:

Code: Select all

{6E2C88}=>user flush

Then we have to log out:

Code: Select all

{6E2C88}=>exit

And now we log back in like before, but only hit enter on the Username and password because they are empty.
Time to add another user then:

Code: Select all

=>user add

Here you get three important prompts that you have to fill out:

Code: Select all

name = berserk
password = ******
Please retype password for verification.
password = ******
role = root


remember to fill in the role as root!

the rest can be left blank by hitting enter.

end it all with the saveall command:

Code: Select all

=>saveall


and exit...

Now you can log in to your router as root and change and add users it the good old way and you are back in the drivers seat - not the ISP!

I never was a good passenger anyway.

This is only a story from one ISP and one router in Valhalla but it concerns a lot of people so I found it to be a worthy of a tip.
More here

[rolf]

Valhalla!!!

Interesting story, good job Console tools are good.

I can't help but think that, if ISP becomes aware of this sort of move, they might very well make the next move of their gambit something like disabling telnet or some such. Anyway, good work.

[viking60]

Yes they can probably block everything, but what I find important is that they should not think they can go down that road without informing about it. They know very well that if they had announced that the router switching would take the users admin rights away, then they would have problems with their customers.
So they chose to shut up and sneak it in.
Good thing that others can help them announce what they had "forgotten" to mention. There are other ISP's... so transparency about these things will make the choices easier......
Not that I am particularly discontent with this ISP; it is more of a culture thing that has to be stopped by increased awareness, and some modest actions as described above.