DEF CON 22 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss

Christopher Chance cchance at newtechgrp.com
Fri Jan 16 17:13:00 EST 2015


Yep, unless you changed 'em.

There are only 4 open ports anyway: 2 northbound (web/api) and 2 southbound (fs and cwmp).

Does anyone know the CPU/mem/drive requirements for, say, 10k devices?

On Jan 16, 2015 5:55 PM, Dan Morphis <dan at milkcarton.com> wrote:
As we prepare to deploy Genie, I want to verify that the only ports that need to be accessible by the CPE are 7547 (cwmp) and 7567 (file server). Is that accurate?

-dan

On Fri, Jan 16, 2015 at 12:08 PM, Zaid Abdulla <zaid at genieacs.com> wrote:
Hello,

I thought you guys might be interested in this TR-069 related talk:
https://www.youtube.com/watch?v=DlID0CH3j4M

In this talk Shahar and his team from Checkpoint Technologies researched
a few ACS systems looking for security vulnerabilities. GenieACS was one
of the systems they looked into and found a vulnerability. They were
kind to inform me before publishing their findings. This is the fix of
said vulnerability if anyone is curious:
https://github.com/zaidka/genieacs/commit/03f9a9e6289c18f3a9742d9737552d150294605d

Zaid


