Can't connect to router using telnet

Johnny

Sep 27, 2014, 11:33:49 AM

I have a Motorola nvg589 and wanted to see if it's using bash.
According to the user's manual, it has a CLI, and it even shows how to
use telnet to connect and change the settings, but when I enter: telnet
my/ipaddress, I get this error message: telnet: could not resolve
http://my.ipaddress/cgi-bin/remoteaccess.ha/telnet: Name or service
not known

I had remote access enabled when I tried this.

My ISP is ATT Uverse.

Pascal Hambourg

Sep 27, 2014, 2:01:09 PM

Johnny wrote:
> I have a Motorola nvg589 and wanted to see if it's using bash.
> According to the user's manual, it has a CLI, and it even shows how to
> use telnet to connect and change the settings, but when I enter: telnet
> my/ipaddress, I get this error message: telnet: could not resolve
> http://my.ipaddress/cgi-bin/remoteaccess.ha/telnet: Name or service
> not known

Err, telnet expects an IP address or a hostname, not a URL...
If you have an http URL, use a web browser, not telnet.

Kirk_Von_Rockstein

Sep 28, 2014, 10:26:14 AM

http://community.arubanetworks.com/aruba/attachments/aruba/unified-wired-wireless-access/26009/1/Motorola%20NVG589%20VDSL2%20Gateway.pdf
[tiny url of above link, below:]
http://tinyurl.com/p94ymkr

Read pages 107 - 109 of this PDF.
Note: if you have not changed the default gateway yourself,
you would run the example below in a terminal from a computer
running Mint[?] on your LAN.

telnet 192.168.1.254

You then need to log in using the username and password you set it up with.

When logged in, you should see your terminal prompt change as
shown on page 108.

Johnny

Sep 28, 2014, 11:09:49 AM

On 28 Sep 2014 14:26:14 GMT
I tried to get that manual from AT&T and Motorola, and neither one had
it. I was lucky enough to find it online.

I'm sure the problem is my firewall, when I try to use telnet, I can
check the firewall logs and see the connection was dropped.

Source 192.168.1.64 Destination xx.xxx.70.41 TCP
Disallowed WAN-side management service access

It looks to me like the Source and destination are reversed? I want to
connect to 192.168.1.64, but it is shown as the source, and my IP
address is the destination.


The problem is my old AT&T i38hg router died, and I just got this one
about a week ago. With the old modem, I could allow or block telnet.

I'm sure I can do it with this one, but I just haven't figured out how
to do it.

This is what's being blocked right now:


Firewall Advanced

Drop packets with invalid source or destination IP address
Protect against port scan
Drop packets with unknown ether types
Drop packets with invalid TCP flags
Drop incoming ICMP Echo requests
Flood Limit
Flood rate limit
Flood burst limit
Flood limit ICMP enable
Flood limit UDP enable
Flood limit TCP enable
Flood limit TCP SYN-cookie
ESP ALG

Pascal Hambourg

Sep 29, 2014, 5:16:21 AM

Johnny wrote:
>
> I'm sure the problem is my firewall, when I try to use telnet, I can
> check the firewall logs and see the connection was dropped.
>
> Source 192.168.1.64 Destination xx.xxx.70.41 TCP
> Disallowed WAN-side management service access
>
> It looks to me like the Source and destination are reversed? I want to
> connect to 192.168.1.64, but it is shown as the source, and my IP
> address is the destination.

What are 192.168.1.64 and xx.xxx.70.41?
Where are you trying to connect from? The router's internal LAN or a remote
location?
What command did you run exactly?

Kirk_Von_Rockstein

Sep 30, 2014, 11:11:05 AM

Problem is you do not have the telnet service enabled
and a proper port number selected. My guess would be that
the telnet port address is set to zero which disables telnet.
By the way, this router has SSH available on it.
If you need to remote admin this router from the WAN side,
you should use SSH as this router/modem is capable of doing so.
You are at this point, just trying to admin the router using
a computer (GNU/Linux) which is connected to a LAN side interface
port on the router, ...right?

Note that this router has two major command modes,
SHELL and CONFIG (pg. 105). You can determine which mode
you are in via the prompt. Page 118 shows how to
switch between the two CLI modes. Page 146 shows you how
to enable LAN management. In CLI Config mode you would type:

set management lanmgmt enable on

At the bottom of (page 148) note the listed commands
for the configuration of telnet.
The manual mentions that by default the port is set to 0
which disables telnet. So from the CLI config
mode prompt you would type:

set management remote-access telnet-port 2323

2323 as an example. Then from a terminal on a computer connected
to a LAN side port of the router you would type something like
this in CLI SHELL mode:

telnet 192.168.1.64 2323

Double check your Home Network page in GUI for proper gateway IP
address for the above. I have never had access to this model
router/modem, so I do not know if /all/ the settings are available
from the web interface GUI. You may only be able to manage certain
settings from the CLI.

Johnny

Oct 3, 2014, 10:58:50 AM

On 30 Sep 2014 15:11:05 GMT
Kirk_Von_Rockstein <Kirk_Von_...@nowhere.invalid> wrote:

> Problem is you do not have the telnet service enabled
> and a proper port number selected. My guess would be that
> the telnet port address is set to zero which disables telnet.
> By the way, this router has SSH available on it,
> If you need to remote admin this router from the WAN side,
> you should use SSH as this router/modem is capable of doing so.
> You are at this point, just trying to admin the router using
> a computer (GNU/Linux) which is connected to a LAN side interface
> port on the router, ...right?

I appreciate your time and effort. From what I have read, AT&T does
not allow remote access to this router. SSH is disabled by AT&T.

SSH times out, and telnet says connection refused.

When the bash bug Shellshock first came out was when I wanted to try
remote access, and see what version of bash it was using, or if it was
even using bash.

I'm not going to worry about it, I think Shellshock only affects
servers, and I don't have a server.

I did scan the router at grc.com, and all ports show stealth mode.

Joe Beanfish

Oct 4, 2014, 11:16:35 AM

Your router is/has a server. Web servers are probably the most common
attack vector for shellshock. If the web server ever executes an external
program to do work (many do at some point) and that program is, or calls,
a shell script and the system shell is bash, you're toast, unless the
environment has been specifically sanitized.

There are numerous hackers actively scanning every IP on the net looking
for breakable ones. One test you can do, though not definitive, is set
your user agent to
() { :; }; echo "Content-Type: text/plain; charset=ISO-8859-1";echo
"Content-Length: 14";echo "";echo "CVE-2014-6271";exit
Then surf around any web server. If pages break oddly or display
CVE-2014-6271 you've discovered a vulnerability. Unfortunately not seeing
glitched pages isn't definitively safe though. Be sure to set your user
agent back to normal when surfing the web in general. You may get blocked
as an attacker.

If you have anything running *nix visible to the internet you should
assume that it's possibly vulnerable until you hear otherwise from the
vendor or some reliable source. Pretty soon even private servers will
become an issue as virus writers add shellshock to their arsenal of
attack vectors to try once running on someone's PC.

Johnny

Oct 4, 2014, 1:04:59 PM

On Sat, 4 Oct 2014 15:16:35 +0000 (UTC)
Joe Beanfish <joebe...@nospam.duh> wrote:
I just called AT&T support, and the woman I talked to has never heard
of Linux, shellshock, or bash. So I guess there is nothing I can do.


I did find the source code for the NVG589 Motorola modem/router, and it
does use Linux and bash.

From Sourceforge:

The NVG589 is built on various different flavors of Linux. The NVG589
has been built on Fedora Core 11 and greater and Ubuntu 9.04 and greater.

If using Ubuntu, make sure /bin/sh points to /bin/bash. (Not /bin/dash)

http://sourceforge.net/projects/nvg589.arris/files/NVG589%201.0/

Kirk_Von_Rockstein

Oct 5, 2014, 12:25:19 PM

On 2014-10-03, Johnny <joh...@invalid.net> wrote:
> On 30 Sep 2014 15:11:05 GMT
> Kirk_Von_Rockstein <Kirk_Von_...@nowhere.invalid> wrote:
>
>> Problem is you do not have the telnet service enabled
>> and a proper port number selected. My guess would be that
>> the telnet port address is set to zero which disables telnet.
>> By the way, this router has SSH available on it,
>> If you need to remote admin this router from the WAN side,
>> you should use SSH as this router/modem is capable of doing so.
>> You are at this point, just trying to admin the router using
>> a computer (GNU/Linux) which is connected to a LAN side interface
>> port on the router, ...right?
>
> I appreciate your time and effort. From what I have read, AT&T does
> not allow remote access to this router. SSH is disabled by AT&T.
>
> SSH times out, and telnet says connection refused.

I'm looking at the AT&T Manual, and there are several
services that are available but are not
enabled by default. Just quickly looking through the
AT&T manual these are some I located:
SSH, Telnet, FTP, TFTP, etc.
Like I said, they may not be obviously accessible via the
Web GUI gateway interface, but they are there.

In the Web GUI interface, under the "Home Network"
tab >> "Subnets and DHCP". Locate the
"Public Subnet" section and set the
"Allow Inbound Traffic" drop-down to "On".
This will allow inbound requests.
The services may be set up from the "Custom Services"
under the "Firewall" tab I would presume if you
wanted to set them up from the GUI.

Most of these services are off by default.
Look at some of these settings under remote management
and ALG for example, telnet and ssh are available
if you ever needed to set them up:

set management remote-access http-port [ 1 - 65534 ]
Sets the web access port for remote access
management of the Gateway. Default is port 51003.

set management remote-access https-port [ 1 - 65534 ]
Sets the secure web access port for remote access
management of the Gateway. Default is port 51443.

set management remote-access telnet-port [ 1 - 65534 ]
Specifies the port number for remote access telnet
(CLI) communication with the Motorola Gateway. Because port
numbers in the range 0-1024 are used by other protocols,
you should use numbers in the range 1025-65534 when
assigning new port numbers to the Motorola Gateway telnet
configuration interface. A setting of 0 (zero) will turn
the server off. Defaults to port 0.

set management remote-access ssh-port [ 1 - 65534 ]
Specifies the port number for secure shell (SSH)
communication with the Motorola Gateway. Defaults to port 22.

set management lanmgmt enable [ off | on ]
Turns TR-064 LAN side management services on or off.
The default is off.

set ip alg ftp-enable [ on | off ]
Turns the FTP (File Transfer Protocol)
ALG for file transfers on or off. Default is on.

set ip alg h323-enable [ on | off ]
Turns the H323 ALG for audio, video,
and data communications across IP-based network
on.

set ip alg tftp-enable [ on | off ]
Turns the TFTP (Trivial File Transfer Protocol)
ALG for simple file transfers and firmware u
Default is on.


> When the bash bug Shellshock first came out was when I wanted to try
> remote access, and see what version of bash it was using, or if it was
> even using bash.
>
> I'm not going to worry about it, I think Shellshock only affects
> servers, and I don't have a server.
>
> I did scan the router at grc.com, and all ports show stealth mode.

Yeah, I have my telco/modem/router bridged and
set up an IPCop router/firewall/proxy behind it. It uses
Bash as the shell, so I upgraded Bash to the patched version
several days ago.
For an OEM router/firewall/modem your NVG589 seems to have
a lot of features, the firmware is constructed from
GNU/Linux.
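
An added example, not part of the original post or the Motorola manual: a check, run from a host on the LAN against your own gateway, of the management ports listed above. It separates "connection refused" from a timeout, the two results reported earlier in the thread. Port 2323 is the thread's example telnet port (the documented default is 0, off); the function and dictionary names are this example's own.

```python
import errno
import socket

# Remote-management ports from the manual excerpt quoted above: documented
# defaults for SSH/HTTP/HTTPS, plus the thread's example telnet port.
MGMT_PORTS = {"ssh": 22, "telnet": 2323, "http": 51003, "https": 51443}


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'refused' or 'filtered'.

    open     -> handshake completed: a service is listening
    refused  -> host answered with a reset: reachable, nothing listening
    filtered -> no usable answer (timeout or unreachable): dropped on the way
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        err = s.connect_ex((host, port))
    if err == 0:
        return "open"
    if err == errno.ECONNREFUSED:
        return "refused"
    return "filtered"


def audit(host, ports=MGMT_PORTS, timeout=2.0):
    """Return {service name: state} for every management port."""
    return {name: probe(host, port, timeout) for name, port in ports.items()}


if __name__ == "__main__":
    # 192.168.1.254 is the default gateway address given earlier in the thread.
    for name, state in audit("192.168.1.254").items():
        print(f"{name:7} {state}")
```

Any port reported as "open" that you did not enable yourself is the one to turn off in the CLI or GUI.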

Johnny

Oct 6, 2014, 3:07:19 PM

On 5 Oct 2014 16:25:19 GMT
Kirk_Von_Rockstein <Kirk_Von_...@nowhere.invalid> wrote:

> > I appreciate your time and effort. From what I have read, AT&T does
> > not allow remote access to this router. SSH is disabled by AT&T.
> >
> > SSH times out, and telnet says connection refused.
>
> I'm looking at the AT&T Manual, and there are several
> services that are available but are not
> enabled by default. Just quickly looking through the
> AT&T manual these are some I located:
> SSH, Telnet, FTP, TFTP, etc.
> Like I said, they may not be obviously accessible via the
> Web GUI gateway interface, but they are there.

I will keep trying to get to the command line, but for now I think I
have found out what I wanted to know.

I think the NVG589 uses busybox instead of bash.

From page 185 of the manual:

GNU General Public License 2.0 (GPL)
This Motorola product contains the following open source software packages licensed under the terms of the
GPL 2.0 license:
* Linux 2.6.30
* Arptables 0.0.3-4
* bridge-utils 1.2
* BUSYBOX 1.18.3
* dnsmasq 2.45
* ez-ipupdate 3.0.11b7
* haserl 0.9.26
* inetd
* iproute2
* iptables 1.4.0
* ntpclient 2003_194
* pppd 2.4.4
* rp-pppoe 3.10
* samba 3.0.25a
* udev 136
* vconfig 1.6
* wget 1.10.2
* zebra 0.94

BusyBox uses the Almquist shell, also known as A Shell, ash and sh.

https://en.wikipedia.org/wiki/BusyBox

Kirk_Von_Rockstein

Oct 7, 2014, 10:33:46 AM

On 2014-10-06, Johnny <joh...@invalid.net> wrote:
> On 5 Oct 2014 16:25:19 GMT
<snipped for brevity>
> I will keep trying to get to the command line,
> but for now I think I have found out what I wanted to know.
>
> I think the NVG589 uses busybox instead of bash.

Yes it does use Busybox and you're right, Busybox does
use Ash for the shell, so you're in the clear as to
the shellshock vuln on this router.
Yeah, most of these consumer based OEM routers that do have
some form of modified GNU/Linux, do use Busybox, Dropbear, etc.
I have 14 older Linksys WRT54G, WRT54GL, WRT54G-TM
WRT54GS type routers, and several more Netgear routers,
that the OEM firmware has been replaced with DD-WRT Linux firmware,
standard or mega builds and they all have
Busybox and Ash as the shell also.