Usually I use a SSH connection forwarded through my ADSL router to one of my home servers for remote access to my network.Â The server in question though had become un-responsive so I had no way remotely into myÂ network.
For fun I nmap’d the public IP of my ADSL router and found the following interesting port open:
80/tcp Â open Â http
I thought I had switched off all the “remote” control methods on my router but clearly not, visiting the page gave me the following (scary) login screen.
A bit of googling shows that this router has a special ‘support’ login for remote troubleshooting by Telkom built into the firmwareÂ (for the South Africa firmware anyway) the default password for this account is ‘TelkomDlink12345’
The setup web-interface that loads when logged in as ‘support’ is a little more limited than the standard one you get logged in as Admin, unfortunately one of the features that was not available in support mode was the port-forwarding rules which is what I wanted access too.
How to fix this?
Change all the passwords for the default accounts (admin, support and user) and disable the remote admin interface if you don’t need it.