Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems

From: Bryan K. Watson (bwatsonat_private)
Date: Fri Apr 20 2001 - 10:24:16 PDT


    I have the Alcatel 1000ADSL unit with a /29 subnet, or 5 usable
    addresses.  I figured the Alcatel to be addressed either at the start of
    the range or the end, but actually found it in the middle; perhaps it is
    grabbing an IP address from my local DHCP server.  Here is what I get
    when telnet'ing to that address (and no, the MAC address and IP address
    are not my real ones, but the IP address is some ftp prober from my
    snort log this AM):
    
    --------start of example-----------
    [bwatson@bwatson]$ telnet 12.34.79.137
    Trying 12.34.79.137...
    Connected to 12.34.79.137.
    Escape character is '^]'.
    ANT (0F-EE-DM-E0-BE-EF)
    password : ##########
    
    *******************************************************************
    *                                                                 *
    *                             *********                           *
    *                              *******                            *
    *                               *****                             *
    *                                ***                              *
    *                                 *                               *
    *                                                                 *
    *                                                                 *
    *         *     *       *****     *     ******* ****** *          *
    *        * *    *      *         ***       *    *      *          *
    *       *****   *      *        *****      *    ***    *          *
    *      *     *  *      *       *******     *    *      *          *
    *     *       * ******  ***** *********    *    ****** ******     *
    *                                                                 *
    *******************************************************************
    
       ADSL ANT
    
    $expert
    Unknown command.
    $EXPERT
    
    
    Switch to expert mode.
    
    Return to Normal mode by typing <NORMAL>
    
    >
    
    --------end of example-----------
    
    So try the addresses from your DHCP range if the modem was ever on a
    DHCP LAN, and then use the online challenge-response calculator at:
    
     http://security.sdsc.edu/self-help/alcatel
    
    to figure the password response to the challenge, in my case the
    challenge was:
    
      ANT (0F-EE-DM-E0-BE-EF)
    
    And you have to use the whole string, not just what is in the
    parentheses!  PacBell does not disable this by default.
    
    Cheers,
    -Bryan K. Watson
    - NetTracers.com
    - bwatsonat_private
    
    
    
    SpaceTime wrote:
    >
    > We have unsuccessfully attempted to connect to both an Alcatel Speed Touch
    > Home and Alcatel 1000 ADSL at 10.0.0.138 and are wondering if there's
    > something we're missing?  The connection is established but then repeatedly
    > times out.  This has been tried from multiple platforms to no avail.
    >
    > The documentation in the released advisory
    > <http://www.cert.org/advisories/CA-2001-08.html>
    > for connecting and configuring the modems is very similar if not identical
    > to those found in the modem manuals, however both http and telnet requests
    > to 10.0.0.138 are timing out.
    >
    > Is access to the modem configuration a feature that has been turned off by
    > the ISP upon initial installation (we are doubtful of this as we are unable
    > to connect to the modems even after resetting them to their default state)?
    > Are we using the wrong IP?  Is this a symptom of any of the found attacks
    > (it doesn't seem to be)?  Any and all responses are greatly appreciated.
    >
    > Jim Smithers
    > SpaceTime Research
    > --
    > "When a subject becomes totally obsolete we make it a required course."
    > -Peter Drucker
    


