Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

ISPs & The Case Of 4567

By: a guest on Nov 1st, 2012  |  syntax: None  |  size: 8.86 KB  |  views: 1,350  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. Dear Internet,
  2.  
  3. It has come to our attention that Verizon, Qwest/Centurytel, and other companies have numerous ports open for the modems which CAN NOT be disabled. Now, before you question if we're just all idiots that don't know what forwarded ports are, or how to disable remote admin - Simply look up "Qwest Port 4567" "Centurytel Port 4567" and realize how much of a wide spread issue this open port problem truly is. Now, why is it that these companies can't get this right? Could it be a backdoor? Could it be poor programming? Could it be that these companies are working with governments? The following is a conversation with a Qwest representative. Take what you will from it.
  4.  
  5. *
  6. *
  7. *
  8.  
  9. Tech Bob>How may I help you today?
  10. XXXXXX>Give me one moment, and I'll get the specific model number for my router, so I can explain fully
  11. XXXXXX>Ok
  12. XXXXXX>I have an Actiontec Q1000
  13. XXXXXX>And I've checked literally everything. Forwarded ports, I've set my firewall to high.
  14. XXXXXX>I have no forwarded ports, and I've clicked and checked literally every setting
  15. XXXXXX>Now, the issue is that port 4567 is open, regardless of what I do
  16. XXXXXX>Now, why is this?
  17. XXXXXX>Also, this port is internet-facing. When someone uses my IP address, and designates that port ( such as, 1.1.1.1:4567 ) it asks for a username and password
  18. XXXXXX>This is not only a potential security issue, but the fact I can't fix this is bothering me. Can you help?
  19. Tech Bob>Let me research that a little and I'll get right back to you
  20. XXXXXX>I've looked it up, and it seems to effect the M1000 model too, and I've also seen that Verizon has the same issue
  21. Tech Bob>I'm guessing that is all of our modems for allowing our internal diagnostic systems to access your modem
  22. Tech Bob>again, that is a guess
  23. XXXXXX>Is there any possible way for it to be fixed? I've been with a lot of ISPs including Time Warner, Comcast, CenturyTel, and who knows how many others and I've never dealt with this
  24. Tech Bob>I don't think it can be blocked
  25. Tech Bob>Let me see if I can look into it a little more
  26. XXXXXX>If it can't be blocked, can I exchange routers to get one that doesn't have this "feature"?
  27. Tech Bob>all of our modems would have that I would think
  28. Tech Bob>you can go with a non-centurylink modem
  29. XXXXXX>Would that be provided to me, free of charge?
  30. Tech Bob>no
  31. XXXXXX>So I wouldn't be able to get a Zyxel or other brand of router, specifically offered by Qwest/CenturyLink as an equal exchange?
  32. Tech Bob>You might need to talk to one our engineers about this. I don't have anyone here this late at night
  33. Tech Bob>The Zyxcel has the same firmware in it
  34. XXXXXX>Is there any way I can be forwarded to Actiontec's Tier 2 support?
  35. Tech Bob>You can call them directly, yes
  36. Tech Bob>let me see if I can find that number
  37. Tech Bob>800 720 9844
  38. XXXXXX>I don't have the phone number, and I talked with a chat representative like yourself earlier. They told me that Actiontec would not respond to me unless the chat was bridged over to them
  39. Tech Bob>You can call in the morning to see if we can transfer you over
  40. Tech Bob>oh, you might be able to call now
  41. Tech Bob>I'm showing they are open 24/7
  42. Tech Bob>our number is 888-777-9569
  43. XXXXXX>Now, before call them, what exactly would an engineer be able to do that you could not? Seeing as all of the modems have the same firmware, and what not.
  44. Tech Bob>We have 1 person that works directly with our equipment vendors
  45. XXXXXX>I understand that, but what exactly would they be able to do? Custom firmware, new hardware?
  46. Tech Bob>bug report, get fixes put into next firmware release
  47. XXXXXX>As an open source developer myself, how long do firmware releases normally take? I know companies like Netgear, Belkin, or Linksys don't push updates to their wireless routers once new hardware comes out
  48. Tech Bob>we are working on a new one now, it should be out with in the next couple of months from my understanding
  49. XXXXXX>Is there a ticketing system for Qwest/CenturyLink hardware, or does Actiontec have a system that someone can look at?
  50. Tech Bob>We don't
  51. Tech Bob>not an external one
  52. XXXXXX>Alright, well.. I don't believe my problem can be fixed tonight then. Is there any way that I can find out if this open port issue is fixed without talking to a service representative such as yourself every day?
  53. Tech Bob>I don't know of a way, sorry
  54. XXXXXX>Well, alright then. Do you mind if I post pieces or this entire conversation online including but not limited to: Facebook, Twitter, and other social media or online forums?
  55. Tech Bob>I would suggest our forum, I'm trying to find that address for you now
  56. XXXXXX>Thank you, Bob
  57. Tech Bob>an avenue that would lead to this possibly getting into the next firmware update
  58. Tech Bob>https://forums.centurylink.com/
  59. XXXXXX>Now, just for clarification, why exactly is port 4567 open again?
  60. Tech Bob>I don't know exactly
  61. Tech Bob>I can only guess
  62. Tech Bob>Like I said in the beginning, that was a guess.
  63. XXXXXX>Now, I haven't looked at the forum yet but is there a change log of what has changed from version to version?
  64. XXXXXX>In regards to the firmware of routers
  65. XXXXXX>and/or modems
  66. Tech Bob>There should be on our http://ctlhelp.com site
  67. Tech Bob>I want to check one more think also
  68. Tech Bob>Thank You. One moment
  69. Tech Bob>We can try the Zyxel if you would like
  70. Tech Bob>wouldn't hurt to see
  71. XXXXXX>You mean, changing hardware?
  72. XXXXXX>yes, to another brand of modem
  73. Tech Bob>that we talked about above
  74. XXXXXX>Alright, is there anything I would need to do in order to verify the switch?
  75. Tech Bob>I would be sending you a new modem
  76. XXXXXX>I'm under the impression I would need to send back the Actiontec?
  77. Tech Bob>yes
  78. Tech Bob>I would swap out your modem for a new ZyXel branded modem
  79. XXXXXX>Would someone come to my home, or would I just mail it back?
  80. Tech Bob>it has the same uniform firmware but might not have this issue, we could try it
  81. Tech Bob>no, it's done via UPS, it comes with a pre-paid return UPS label
  82. Tech Bob>I think you could call them to pick it up
  83. Tech Bob>Is that something you would want to try?
  84. XXXXXX>That is in fact something I would love to do
  85. Tech Bob>Thank You. One moment
  86. Tech Bob>okay, it should be there on Friday
  87. Tech Bob>11/02/12
  88. XXXXXX>Alright, very good Bob
  89. Tech Bob>Is there anything else I can do for you?
  90. XXXXXX>Nope, that is the only reason that I came into this chat
  91. Tech Bob>It has been a pleasure working with you today.  Please bookmark our self help website at www.ctlhelp.com, it has many great resources related to your service.   Thanks again for contacting CenturyLink Technical Support and have a great day.
  92.  
  93. *
  94. *
  95. *
  96.  
  97. If you associated for any ISPs which are backdoored, or otherwise sketchy and feel like talking about it anonymously over secure channels, please get in contact with us at https://twitter.com/Port4567
  98.  
  99. *
  100. *
  101. *
  102.  
  103. (02:12:06 AM) 000000: now ask him if he loves mudkipz?
  104. (02:12:11 AM) XXXXXX: lolno
  105.  
  106.   |`.                                                     ,'|
  107.   |. `.                                                 ,' .|
  108.   ||`. `.                                             ,' ,'||
  109.   ||##`. `.                                         ,' ,'##||
  110.   ||####`. `.                                     ,' ,'####||
  111.   ||######`. |             ___,-.___             | ,'######||
  112.   ||#######| |          ,='__/___\__`=.          | |#######||
  113.   ||#######| |         /  .         .  \         | |#######||
  114.   ||#######| |     ,--'\ .'  _,-._  `. /`--.     | |#######||
  115.  _|`-------' |-----'    \: ,' ::: `. :/    `-----| `-------'|_
  116. | `---------.|----------' /.: ''' :.\ `----------|,---------' |
  117. {====------<||         [I(    | |    )I] ::::    ||>------====}
  118. |_,---------'|_________`- \ | | | | / -'_________|`---------._|
  119.   |,-------. |--.__     /: `._' '_,' :\     __,--| ,-------.|
  120.   ||#######| |     `--./ `.   `-'   ,' \,--'     | |#######||
  121.   ||#######| |         \  `.       ,'  /         | |#######||
  122.   ||#######| |          `.__`_____'__,'          | |#######||
  123.   ||#######| |            |-._[_]_,-|            | |#######||
  124.   ||#######| |      ::::: |   |-|   |      ::    | |#######||
  125.   ||#######| |      ::::: |___| |___|      ::    | |#######||
  126.   ||#######| |      ::::: | | ,-. | |      ::    | |#######||
  127.   ||#######| |      ::::: | | |n| | |      ::    | |#######||
  128.   ||#######| |            | |     | |      ::    | |#######||
  129.   ||#######| |`.          | |     | |          ,'| |#######||
  130.   ||#######| |  `-._      | |     | |      _,-'  | |#######||
  131.   ||#######| |      `--.__| |_____| |__,--'      | |#######||
  132.   ||#######| |            |_|_____|_|            | |#######||
  133.   ||######,' |                                   | `.######||
  134.   ||####,' ,'                                     `. `.####||
  135.   ||##,' ,'                                         `. `.##||
  136.   ||,' ,'                                             `. `.||
  137.   |' ,'                                                 `. '|
  138.   |,'                                                     `.|