I have been doing a little portscanning on my local network. It’s my home network so no-one is going to complain. Unfortunatly it looks as if BT leave the telnet port open on their Voyager 200 series router with an admin user called “admin” and admin password set to a totally insecure “admin”. I had already changed my admin password, but I used the IOS (or it seems to be IOS) interface to change the default admin username.
Given all the security concerns on the interweb lately why do they leave an insecure port open with a trivial username and password? I’m really thinking about dumping them and going with a company that has a clue. Their sales staff have lied to me, their technical support staff are MS Word monkies who know where the control panel is and it seems that their product designers now do stupid things with telnet. BT suck.
FYI: It seems that this router has firmware from www.askey.com, in fact it seems to be a BT branded version of their RTA230 which has plenty of ways of foobaring it if you know the admin password. For exmple the HTTP firmware replacement feature could be abused to upload trojaned firmware to the router.