cancel
Showing results for 
Search instead for 
Did you mean: 

Hub Security

Cardiffman282
Problem sorter

Here's my idle Sunday morning thought for the day. 

As we know the VM hubs' settings can be accessed by the default password (or whatever this has been manually changed to by the customer).

However there is a "backdoor" (front door?) link to the hub stats that doesn't require any password:

Screenshot_20241110-103237.png

The Network Log data in mine contains a number of CM-MAC and CMTS-MAC addresses amongst other stuff (I think the sort of data the forum anonymises with asterisks).

Let's say someone parks up outside, brings up 192.168.100.1 on their phone, and accesses this data. Is it an issue? Are MAC cloning /flooding still a thing?

I'm not fearful that this will actually happen to me - my neighbours are more interested in pruning their petunias. It's just a thought. 

 

---------------
Cancel VM here
Complain to VM
here
Demand compensation from VM here
Demand your call recordings here
Monitor the state of your VM connection here
3 REPLIES 3

Client62
Alessandro Volta

It would appear that your first G&T is many hours away ...

goslow
Alessandro Volta

@Cardiffman282 wrote:

Here's my idle Sunday morning thought for the day. <snip>

They would have to connect to your network first of all to access the hub interface.

IIRC, the old 'changeme' passwords from the Superhubs are gone with the Superhubs. Doesn't each hub now come with a unique default settings password?

Yup of course you are both quite correct. It may still be prudent for the standalone Check Hub Status link to be dropped IMHO. Now where's that G&T... 

---------------
Cancel VM here
Complain to VM
here
Demand compensation from VM here
Demand your call recordings here
Monitor the state of your VM connection here