[vox-tech] SpeedStream 5360 ADSL modem, SNMP?

Jeff Newmiller vox-tech@lists.lugod.org
Mon, 7 Apr 2003 23:55:01 -0700 (PDT) 

On Mon, 7 Apr 2003, Mike Simons wrote:

> Hi all,
> 
>   I have a SpeedStream 5360 ADSL bridge, which is using IP 192.168.1.1, 
> is responding to SNMP requests, is listening on TCP port 80 and 6800.
> 
>   I think this device is standard issue for SBC DSL service.
> 
>   I would like to know how to reconfigure this modem (to change the IP
> address and turn off port 80 and 6800 and/or snmp).  All documentation
> for the device was lost and the efficient.com website has practically no
> information about the device.
> 
>   According to the helpful people at support@efficient.com, this device
> ===
> a) does not support SNMP
> b) does not use IP address 192.168.1.1
> c) does not allow any configuration
> d) appears to be malfunctioning and should be returned.
> ===
> 
>   I connected the modem all by itself upto a machine without a phone
> line into it and verified I can do things like ping, telnet to port 80
> and 6800, and do a snmpwalk.
> 
>   So I "know" what I'm being told (a, b, c) is hogwash...

>From one standpoint, that is true.

> - Does anyone else have one these modems?

I am bought a 5260 for a friend and installed it for her a few months
ago.  These are reportedly almost exactly the same as the 5360.

> - Does anyone have documentation that talks about reconfiguring them?

I can't find it... I may have given it to her.

http://www.dslreports.com/faq/efficient
http://www.dslreports.com/faq/eff  (yes, these are different)
http://www.magma.ca/~stephane/SpeedStream5260InstallGuide.pdf
http://www.dslr.org/forum/remark,5925863~root=equip,eff~mode=flat
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=6fellsc3k5std5146hok76am6n80sisjtd%404ax.com

I can't recall exactly, but I think I had to use the web interface to
reconfigure it.  Have you tried?  Try accessing it within 30 seconds of
the ethernet light turning on (I can't find the documentation I referred
to when I did it.)

The thing is, there was really only one useful thing to reconfigure, which
was the VCP/VCI values (0/35 or 8/35).  50% chance it is right already
anyway.

> - Can anyone see if their device appears to respond to pings to
>   192.168.1.1?

Anyone who tests this should beware that they need to reconfigure their
computer to handle 192.168.1.0/255.255.255.255 on their NIC.

Be sure you understand that this is a bridge, not a router.  It is
perfectly capable of bridging whatever ip the ISP sends packets to over to
the ethernet port on the modem, even though it can and will respond to a
(device-specific) ip address when prompted to from your computer.  
Normally, your machine will have the IP assigned by the ISP, and if you
want masquerading then you should be doing that on a different LAN.

Some people are concerned that the fact that the DSL modem responds to
this IP is a security issue... but the attacker would have to "own" the
gateway router in order to send packets at the private ip address of the
modem from upstream.  An alternate method to externally attack the modem
is to bounce off the "echo" protocol on your machine at the modem with a
false source IP/tcp port (guess which one).  The remedy is to disable the
echo protocol on your machine with the public IP address.

Another problem that I encountered: my old Alcatel 1000 uses the secondary
pair as the active wires, so the (custom) "phone" wire that goes to it
would not work with the SpeedStream.

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------