1. Password stolen ADSL Route dialing caused the trouble
This article exposes the hacker attacks the ADSL user, steals the user name password The common method, the reader does not use it for the illegal use, and reminds all related to this flaw the user to take the precaution promptly.
ADSL as a broadband access mode has been accepted by the majority of users, now some users have many computers at home, through an ADSL router dial-up Internet, so that the full use of bandwidth, for the home has more than one computer to share the Internet users, generally through the establishment and configuration of proxy server to achieve shared access to the Internet, The disadvantage is that the host must be open to achieve sharing, another effective way is to use the router to achieve sharing, so that each client can access the Internet, the disadvantage is to acquire expensive routing equipment. In fact, some ADSL modem itself with the routing function, as long as the user can correctly configure the relevant parameters can be routed share, there is no need to add equipment.
Most of the modems provided by domestic ADSL service providers are built with routing capabilities, but because of technical reasons, a few ADSL modems design the routing function on the hardware, but the modem random software does not support the use of this feature in PPPoE virtual dial-up access mode, Only a dedicated user with a fixed IP address can use the routing function, or a product that requires a service provider with the same brand to be able to support the use of a PPPoE access mode, which requires upgrading the modem's software to use the built-in routing feature. Different routers have different configuration methods, there are many posts on this topic online, we mainly introduce those who use routing dial-up Internet users, need to pay attention to security issues.
The most common security problem is that users do not modify the router's configuration password, the general router to retake the appearance of a default configuration password. Only know this password, users can configure the router. Many users do not modify this password after they have configured their own routers. Lead to some criminals on the Internet can control the router, thereby stealing the user's ADSL account. How these outlaws are doing it, we are going to expose their modus operandi by one by one.
2. Scan ADSL online users for attack targets
Scan ADSL internet user's IP segment, get open 80 port host list
These users first dial their home ADSL, and then use the ipconfig command to view their IP, as shown in the following figure:
At the beginning of the-> run-> input cmd, in the presence of the DOS window to enter the Ipconfig can be seen:
In general, Beijing's ADSL internet users are 61.49.*.*. After you have obtained your own IP segment, you can find a good port scanning tool. New in the port scanning tool there are many, which support multithreading, small size, fast the most superscan. We use it here as a demonstration tool. The Superscan interface is as follows:
p>
generally we enter our IP segment first address at the start address, that is, the 61.49.*.1, the end IP address will automatically display the 61.49.*.254, here need to explain, next to that Ping, And the Connect data needs to be entered according to its own situation, for this segment of the IP, that is, the IP address of the first 3 parts with their own IP address the same IP, in the scan can be set to a small number of these data, and for other network segments of the address, the general need to set a larger point. Depending on the results of the scan, if the data entered is too small, the computer will not be found after the scan.
Modify select ports as shown in the figure, remove All other ports before the Green hook, (click the port can) eventually only retain 80 port, and then click Save, the Port configuration table saved to the hard disk, each time using Superscan will no longer need to be configured, only need to load. When the