With the popularization of network, network security is more and more valued by people. Today I would like to introduce a case that is rarely taken seriously. I hope everyone can improve their safety awareness!
Everyone should know, now a lot of cats with automatic dialing function, we can put the account number in the ADSL cat dial-up software, so that each time the computer starts the ADSL cat can automatically dial, an open computer can be online. The above work is done through the following steps:
One: Enter the cat's default address in the browser, such as: http://192.168.1.1, this time will pop up a dialog box, generally enter the ADSL cat when the default account and password are root, or admin, or do not need an ID and password, and the problem is here. Why did you say that?
Two: We should know the principle of ADSL! When we dial, the Telecommunications Bureau will randomly assign you an IP address. And this IP address is a regular, a region corresponding to a section of IP, as our IP is assigned to the form of 61.*.*.*, we can ipconfig/all this command to view their current access to IP.
Three: For example, my ADSL obtained IP is 61.138.4.2. So in this way, the last digit of the IP change is likely to be the IP that another user is using. We have entered the browser from 61.138.4.3 to 61.138.4.254. If an ADSL cat's login dialog box pops up, it means that we have connected to the other's ADSL cat and then try to enter a few accounts and passwords. How did you get in? Any one of these parameters can be changed, once we see who is unhappy can make each other's cat off, and the other side may think their cat is bad.
Today, I did an experiment, the success is 80%, because our bureau seems to be unaware of this problem, and almost all of the ADSL cat has not changed their password. Because the telecommunications installation of ADSL use of ADSL cat model is so several, and the same type of ADSL modem's default password is the same, which greatly increased the likelihood of guessing the password.
If you can only login to your modem you do not care, but it is logged on your modem if you change the modem's NAT settings can be further access to your computer in the intranet, when the computer itself does not do a good job of protection then you are dangerous.
The above said everyone also don't believe, but this is my personal experience, my computer is so black once, when the Internet, installed a firewall, suddenly see the firewall alarm, Source address is 192.168.1.1, to connect my computer what port, I did not pay attention to, continue to surf the internet, and then after the boot will no longer go into the, anyway, no matter what state, always back. And I would like to change the cat's settings can not go in. Each time you have to use the pencil head and hold back the small origin point reset to solve the problem. Now it must have been someone who used the extranet IP to remotely enter my cat black off me. Perhaps everyone will be surprised, such a big problem, telecom people will not not know it, on this issue I also asked Telecom friends, in fact they are also solving the problem, and gave a number of emergency measures. If your telecoms department isn't aware of the problem. You can do this:
1. ADSL set to prohibit the public web landing, only local LAN Web landing.
2. Change the default password.
3. It was my thought, and the most absolute. It is also possible to change the ADSL web landing port to another port. A lot of the way I am now the most poisonous way is to map the 80 port to my computer, and then change my IIS default page to a page with the attack code, such as can be made to open the other side of the optical drive code, a warning page, and so on, I used to do a Java, hehe!
Well, know the cat was hack principle, we don't have to be afraid, if you say your ADSL cat has not changed the password, or as soon as possible to change it!