Not sure about what my ISP is telling me???

okie2003

Prominent
Oct 5, 2017
3
0
510
I hope this is the correct forum. I have DSL access to the Internet with my phone company, Windstream. Several weeks ago they switched my 12Mbps 2 wire service to 24Mbps 4 wire with a Sagemcom F@ST 4320 modem/router. On our nonprofit campus we have 2 printers and 2 additional access points (in other buildings) with static LAN IP addresses. Suddenly late yesterday afternoon nothing worked – could not print to printers, no Internet. I noticed the LAN IP address on my laptop was not correct. 192.168.254.xxx as opposed to xxx.xxx.xxx.xxx. The modem/router had been reset to default, 192.168.254.254, but I was the only one here. Login was reset to admin/admin. When I logged in and reset my LAN IP address all my passwords – modem/router & WIFI – were intact. I called Windstream to see how this could have happened. They tell me this behavior is common with all DSL modems and is the result of a power blink. I have never experienced this behavior before. I explained that I was concerned about security since the modem/router was reset to default IP address and admin/admin for name and password and we have a WIFI guest SSID. They told me there was no security concern, in fact they recommended their customers not change the default settings, but I could get a battery backup for the router if I was worried. Does all this sound correct? I have USB storage on one access point and several computers on the network.
 
I work for an ISP and it's quite common for our modems to lose their config when there is a power outage (or an intensive power spike, for example after some thunder), which requires us to flash the config again and the customer to redo their personal configs (mostly WiFi stuff).

Don't know if that's the answer you were looking for.
 


okie2003

Thanks for the reply. Is there really no security concern here? Seems like with default IP & password anyone could change passwords on USB storage & access files.
 
That is not real common to reset it but I have seen it happen. It is a crap router that is totally unsecured with an out-of-the-box config. Most routers you can only configure via LAN ports, and the WiFi default password is a generated function of the MAC address or the radios are disabled until you set the SSID. Some routers, to make it simple on stupid users, do allow config via the WiFi with factory settings.

I would unplug your router a few times and see how often it resets. If it is common it might be cheaper to buy a different router than a battery backup, but I run all my equipment on UPS. My computers tolerate small blips in the power but the router and modem seem to reboot on the smallest outage. Then again, I have never had these devices factory reset; they just reboot.
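To tell a plain reboot from a factory reset during such a test, the lease a client receives can be compared with the site's documented setup. The following is an added example, not code from any poster or from the ISP; the 10.20.30.0/24 baseline, the device names, the /24 prefix and the function name `check_lan_state` are constructed assumptions, and only the 192.168.254.254 factory address comes from the thread.

```python
import ipaddress

# Factory LAN address the thread reports for the Sagemcom F@ST 4320.
FACTORY_GATEWAY = ipaddress.ip_address("192.168.254.254")

# Constructed baseline: the thread redacts the real LAN, so 10.20.30.0/24
# and the device names below are stand-ins for the site's documented setup.
BASELINE = {
    "gateway": "10.20.30.1",
    "prefixlen": 24,
    "static_hosts": {
        "printer-1": "10.20.30.10",
        "printer-2": "10.20.30.11",
        "ap-building-b": "10.20.30.20",
        "ap-building-c": "10.20.30.21",
    },
}


def check_lan_state(leased_ip, leased_gateway, baseline=BASELINE):
    """Compare a fresh DHCP lease with the baseline and list what drifted."""
    gateway = ipaddress.ip_address(leased_gateway)
    # Subnet the client is on now, derived from its lease (prefix length assumed).
    current_lan = ipaddress.ip_network(
        f"{leased_ip}/{baseline['prefixlen']}", strict=False
    )
    findings = []
    if gateway == FACTORY_GATEWAY:
        findings.append("gateway is at the factory address; assume the admin "
                        "login was reset to its default as well")
    if gateway != ipaddress.ip_address(baseline["gateway"]):
        findings.append(f"gateway is {gateway}, expected {baseline['gateway']}")
    # Statically addressed devices keep their old IPs, so after a reset they
    # sit outside the subnet the router now serves and become unreachable.
    stranded = sorted(
        name for name, ip in baseline["static_hosts"].items()
        if ipaddress.ip_address(ip) not in current_lan
    )
    if stranded:
        findings.append("static hosts outside current subnet: " + ", ".join(stranded))
    return {"reset_suspected": bool(findings), "findings": findings,
            "stranded": stranded}


if __name__ == "__main__":
    # Constructed lease values matching the symptom described in the thread.
    for line in check_lan_state("192.168.254.37", "192.168.254.254")["findings"]:
        print(line)
```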
 
it really depends on how your ISP sets up its infrastructure.

I can only talk about the ISP I was working for. In that case, you can only access the router if you're either plugged into the modem directly or use the remote access which only works with one (hardcoded) IP address + service login.

I'm not entirely sure what your concerns are. for external attacks I guess you're pretty safe:
default IPs are behind the NAT in your network if it's a 192.168.X.X and literally don't matter. this just means that the DHCP server of your modem was back to stock settings
(in case you have no idea what I'm saying, what NAT or DHCP does, click on the spoiler)
your ISP assigns your modem an IP address. these depend on your location. let's say it's 212.150.12.5. Any website you visit identifies you as 212.150.12.50. the packets are sent to this address. the NAT (Network Address Translation) then takes these packets and sends them to the machine that was requesting it, whether it was your laptop or your phone or your fridge. these devices have other addresses assigned, internal IPs that are not visible to outside sources. usually those start with 192.168.x.x. you can set static IPs on your devices (assign a specific address within the designated range of your router) to your phone/computer/etc. or you can let the router assign the IP automatically (DHCP). it will then assign IP addresses to all devices in an alphanumerical system in historical order, so the first device connecting will receive e.g. the 192.168.1.2, the second device .1.3 and so on.
those addresses are typically assigned for 24h unless configured differently on your router.

for internal attacks, someone has to be able to connect to your router.
so s/he either has to plug into the thing and could then of course do anything within your network s/he desires.
or s/he would have to get your WiFi password (but as you've said, those settings were unchanged?) and gain access that way. as for changes to the router it depends if your router accepts commands via WiFi-devices. not all do.
furthermore the internal network address of your router doesn't really matter (if that was what you were concerned about) since the gateway is usually detected automatically when connecting. Unless there's restricted access control and/or a completely separated virtual subnet that can't be guessed from the gateway's IP or an active "guest network", people who gain physical access to your internal network will always be able to stir things up.

fun fact: at the ISP I'm working for you can't change the login to the modem if you're buying a residential or business service plan. Only medium enterprise and large enterprise support channels offer that possibility here. Not that I say that this is a good thing, but from what I've heard it's not too uncommon.

If you have sensitive data and are truly worried about attacks and safety, I wouldn't use ISP equipment for my internal network. depending on your ISP and the used technology it might not be possible to use a different modem, but get a separate router yourself for your internal network and install it behind the modem (and/or a firewall if you're really really concerned). The stuff your ISP supplies you with will always be accessible from the outside for service purposes and is usually cheap rather than true quality. Most of the time, more than sufficient for residential customers though.
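The NAT behaviour described in the answer above, as an added example that is not part of the original post: a minimal port-translation table showing why a WAN-side packet only reaches a 192.168.x.x host when it matches a connection that host opened. The `Nat` class, the documentation-range addresses and the strict per-remote matching are assumptions for illustration; real routers differ in how tightly they filter.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Nat:
    """Toy port-translating NAT (hypothetical model, not a router's code)."""
    public_ip: str
    next_port: int = 40000
    # public_port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: allocate a public port, keep state."""
        if not ipaddress.ip_address(lan_ip).is_private:
            raise ValueError("source is not an internal address")
        public_port = self.next_port
        self.next_port += 1
        self.table[public_port] = (lan_ip, lan_port, remote_ip, remote_port)
        # What the remote site sees: only the public address and port.
        return (self.public_ip, public_port, remote_ip, remote_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives on the WAN side: forward only if state matches."""
        entry = self.table.get(public_port)
        if entry is None or entry[2:] != (remote_ip, remote_port):
            return None  # no matching mapping, so the packet is dropped
        return entry[:2]  # internal (ip, port) the reply is delivered to


def demo():
    """Run a constructed exchange and return the three outcomes."""
    nat = Nat("203.0.113.5")  # constructed public address (documentation range)
    seen = nat.outbound("192.168.254.37", 51515, "198.51.100.80", 443)
    reply = nat.inbound("198.51.100.80", 443, seen[1])
    unsolicited = nat.inbound("198.51.100.99", 443, seen[1])
    return seen, reply, unsolicited


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The table only governs traffic arriving from the WAN side; a device already connected to the LAN talks to the gateway address directly, which is the internal case the answer treats separately.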

 