Reject insecure factors-cut off the Black Hand that reaches the ADSL Modem

Transfer attack
The ADSL Modem obtains the IP address of the public network. When an attack occurs, if the routing method is enabled, all attacks on this IP address will be borne by the Modem. Due to the limitation of the chip's data processing capability, the ADSL Modem in SOHO can easily crash due to a large amount of attack data. We can perform port ing in the ADSL Modem to map the Internet access to Modem 21/23/69/80 or all ports to a non-existent IP address on the Intranet to transfer attack packets.

1. RDR ing
Go to the ADSL Modem configuration page, click the "service" tab, select "NAT Rule Entry" in "NAT Settings", and click the [add] button to add RDR rules. Take the Web port as an example. We map it to a non-existent IP address (192.168.1.200) (Figure 1), select Rule Flavor as RDR, and fill in the Rule ID, fill in 192.168.1.200 at the beginning and end of the local IP address, and select HTTP (80) in the Start/end values of the target port and the local port respectively. Select the default value for other options. Other Telnet, FTP, and TFTP ports are also mapped to RDR.

Figure 1 NAT rule addition page

2. Map through BIMAP
Using BIMAP rule ing, We can transparently map a lan ip address to the Internet. We can use BIMAP rules to map a non-existent IP address in the LAN to a public IP address to transfer attacks against ADSL Modem. Go to the ADSL Modem configuration page, click the "service" tab, select "NAT Rule Entry" in "NAT Settings", and click the [add] button to add a BIMAP Rule. For example, we map the BIAMP rule to a non-existent IP Address: 192.168.1.200. Set Rule Flavor to BIAMP, enter the Rule ID, and enter 192.168.1.200 at the beginning and end of the local IP address.

Improve Security Awareness
Insufficient user security awareness is also one of the causes of attacks. For example, a certain type of ADSL Modem uses the same user name and password when leaving the factory, we can find out from the Modem manual that many users have not changed the user name and password during normal use, in this way, viruses or malicious attackers on the network can easily gain absolute control over the ADSL Modem, making it easier to cause great losses.

1. Change the password of the administrator user
There are two ways to change the password of the administrator user. One is to use Telnet and then use the Passwd command at the command line prompt to modify the password. This is simple and will not be detailed. In addition, modify the settings on the Web configuration page. The specific steps are as follows:

Go to the ADSL Modem configuration page, click the "manage" tab, click "user settings", and then click the Root user's modify symbol (figure 2). Then, type the original password and new password, click [Submit] to change the settings.

Figure 2 user password setting page

2. Change the Management port
Generally, the HTTP/FTP/TFTP/Telnet service is provided in ADSL Modem. You can modify their default ports to improve system security. Go to the ADSL Modem configuration page, click the "manage" tab, and change the HTTP, Telnet, and FTP ports in "Port Settings. Modify the HTTP port to 61080, The Telnt port to 61023, And the FTP port to 61021 (Figure 3 ). In this way, port 80 is not used on the login configuration page. It should be http: // 192.168.1.1: 61080 (61080 is the new port number modified ); telnet login is not port 23, but telnet 192.168.1.1 61023. Note that some Modem configuration software (such as TP-Link and configuration software provided by Shida) is configured using the default Telnet port. If we modify the Telnet port of the ADSL Modem, these software cannot be connected, but there is no port option in the configuration software.

Figure 3 port setting page