Can a used internet router harbor viruses or malware?
Nature is full of
magnificent creatures
posted
My brother is looking for a new DSL modem. I have a used one I bought as a backup a few years ago. He's heard they can harbor viruses or malware. I have no idea if there is any risk from that.

Is there any reality to the risk?

Thank you for your help.
 
Posts: 6273 | Registered: March 24, 2008
A Grateful American
sigmonkey
posted
Yes. But not a problem.

Most routers can be reset to the factory firmware, then upgraded to the latest, and that will eliminate almost 100% of your concern.

Do a factory reset, and then upgrade to the latest firmware.

Routers have EPROM (erasable/re-programmable, read only memory), meaning that the code can be written and changed.

At a time when PROM (programmable, read-only memory) was "burned" (the program code "written" to the operating memory chip) and it was permanent, and available when powered on.

Prior to that, program/code had to be "reloaded" in some fashion each time the device was powered on.

Then the EPROM, made "flashing" the OS to the memory and allowed the device(s) to be upgraded, patched or entirely new code/OS to be installed.

At that point, the routers become both capable of longer use of life, and also susceptible to exploits and hacks by finding ways to insert code into the device's RAM (Random Access Memory), which is addressable (accessible from within the running code/runtime operations).

There are methods to prevent such things, but it is well beyond the scope of trying to put all of that in a forum like this.

And all that said, even a "good/new" out of the box router may already have an exploitable "hole" that can be scanned and found within a short time of being connected and turned on.




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
 
Posts: 44838 | Location: Box 1663 Santa Fe, New Mexico | Registered: December 20, 2008
Oh stewardess,
I speak jive.
46and2
posted
Its firmware can definitely contain unpatched-bugs that assist or otherwise allow malicious behavior, and I suppose some firmware can even contain malware or spyware itself.

Ultimately I'd research the device itself, and any potential issues with its firmware, and ensure it's running the best stable firmware, and it's probably fine.

If a given device is so bad it can't even be patched, it'll be well documented.
 
Posts: 25613 | Registered: March 12, 2004
Nature is full of
magnificent creatures
posted
quote:
Originally posted by sigmonkey:
Yes. But not a problem.

Most routers can be reset to the factory firmware, then upgraded to the latest, and that will eliminate almost 100% of your concern.

Do a factory reset, and then upgrade to the latest firmware.



Thank you to you and to 46and2 for your replies.

Once this is done, the risk of using a used model versus a new will not be a concern? The modem is a Technicolor model. Hopefully they will have instructions on how to do the reset on their website.
 
Posts: 6273 | Registered: March 24, 2008
A Grateful American
sigmonkey
posted
*most* have a pinhole that you press and hold for 5-10 seconds, until the LEDs go off/on and then it should be back to factory settings.

Some require you to hold the reset while off, and then power it on while continuing to hold for 5-10, and some have the ability to reset from within the "admin" mode through the menu or user interface.

(the hard mechanical reset would be preferred)




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
 
Posts: 44838 | Location: Box 1663 Santa Fe, New Mexico | Registered: December 20, 2008
Oh stewardess,
I speak jive.
46and2
posted
The device itself is either updated to its latest firmware and is either secure or not.

Whether it's used or not or how long it sat around has nothing really to do with it.
 
Posts: 25613 | Registered: March 12, 2004
Nature is full of
magnificent creatures
posted
quote:
Originally posted by sigmonkey:
*most* have a pinhole that you press and hold for 5-10 seconds, until the LEDs go off/on and then it should be back to factory settings.

(the hard mechanical reset would be preferred)


That must be the hole with the big red circle and the writing "Reset" after it. :) Thank you again to you and to 46and2.

I appreciate the help to make sure I do not fall into the well, as it were.

Your kindness is sincerely appreciated.
 
Posts: 6273 | Registered: March 24, 2008
quarter MOA visionary
smschulz
posted
While not impossible it is not generally a way that malicious code is usually transferred.
I would say it would actually be very remote.
Even if you had old firmware and even if you left it UNSECURED or with factory default credentials.
Most of the time problems are from users initiating a communication with someone else with bad intentions from an email link, website link.
So a router while possible (also the OP mentioned a 'modem' which is technically different from a router which is different from a Wi-Fi AP but I digress) it would be unlikely, IMO.
 
Posts: 23478 | Location: Houston, TX | Registered: June 11, 2006
My other Sig
is a Steyr.
.38supersig
posted
The only scenarios other than what has already been discussed would be pinholes programmed into the firewall (if so equipped) and/or a VPN directing traffic through the bad guy's server. A firmware update may retain these settings. Used smartphones have been loaded in this manner and then sold at extremely cheap prices, but I don't know of a modem/router being modified in this way. Worst case scenario, it couldn't be worse than using Google.

You can also check to verify that the VPI and VCI settings are correct for his service provider. Most ISPs will use a 0 and 35 setting. The older equipment could possibly be set to 8 and 35. Some modems will autocorrect for this, but if it doesn't connect using the correct user name and password, I'd check those next.

Overall, there isn't much to worry about.



 
Posts: 9621 | Location: Somewhere looking for ammo that nobody has at a place I haven't been to for a pistol I couldn't live without... | Registered: December 02, 2014
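
Added example (not part of any post in this thread): a short Python check for the leftovers .38supersig describes (firewall pinholes, a VPN client, and wrong VPI/VCI values), run over a constructed settings list. The key names, addresses and port-forward syntax are hypothetical; real routers show these settings in their own admin pages or export formats.

```python
# Constructed sample: settings copied from a router's admin pages after a
# reset and firmware update. Key names are hypothetical, not a vendor format.
SAMPLE_SETTINGS = """\
wan.vpi=8
wan.vci=35
vpn.client.enabled=true
vpn.client.server=198.51.100.7
portforward.1=tcp:3389->192.168.1.50:3389
portforward.2=udp:51820->192.168.1.2:51820
"""

# Constructed sample of what a clean post-reset state might look like.
CLEAN_SETTINGS = """\
wan.vpi=0
wan.vci=35
vpn.client.enabled=false
"""


def parse_settings(text):
    """Parse key=value lines into a dict, skipping blanks and comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def audit(settings, expected_vpi="0", expected_vci="35"):
    """Return (category, detail) findings for settings a reset should have cleared."""
    findings = []
    # Any surviving port-forward ("pinhole") rule is a leftover from a prior owner.
    for key in sorted(k for k in settings if k.startswith("portforward.")):
        findings.append(("pinhole", f"{key} = {settings[key]}"))
    # A configured VPN client would route traffic through someone else's server.
    if settings.get("vpn.client.enabled", "false").lower() == "true":
        server = settings.get("vpn.client.server", "unknown")
        findings.append(("vpn", f"VPN client enabled, server {server}"))
    # VPI/VCI must match the ISP; 0/35 is the common pair named in the post.
    actual = (settings.get("wan.vpi"), settings.get("wan.vci"))
    if actual != (expected_vpi, expected_vci):
        findings.append(("vpi_vci", f"found {actual[0]}/{actual[1]}, "
                                    f"expected {expected_vpi}/{expected_vci}"))
    return findings


if __name__ == "__main__":
    for category, detail in audit(parse_settings(SAMPLE_SETTINGS)):
        print(f"[{category}] {detail}")
```

An empty result after the factory reset and firmware update means none of these three leftovers survived; pass `expected_vpi="8"` for a provider that uses 8/35.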
Nature is full of
magnificent creatures
posted
quote:
Originally posted by smschulz:
So a router while possible (also the OP mentioned a 'modem' which is technically different from a router which is different from a Wi-Fi AP but I digress) it would be unlikely, IMO.


Thank you. You are correct, I should have said router. In my defense, as sick as I felt today, I am grateful I typed something clear enough people could answer. :)

smschulz, I also appreciate your continuing help, and your patience. I have learned from discussions here on SF that IT is a much more precise profession than those of us who do not work in that field think about. That is, at least, until something goes wrong.
 
Posts: 6273 | Registered: March 24, 2008
Nature is full of
magnificent creatures
posted
quote:
Originally posted by .38supersig:
The only scenarios other than what has already been discussed would be pinholes programmed into the firewall (if so equipped) and/or a VPN directing traffic through the bad guy's server.


Would these scenarios be addressed by a hard reset?
 
Posts: 6273 | Registered: March 24, 2008
Winner
posted
Not totally impossible, a recent rare example:

https://www.zdnet.com/article/...ptojacking-campaign/

https://www.symantec.com/blogs...cked-mikrotik-router

but as pointed out in earlier posts, a "factory reset" to default settings, and an upgrade to the latest firmware should effectively eliminate the risk.

This message has been edited. Last edited by: jlb226,
 
Posts: 132 | Registered: August 30, 2004

© SIGforum 2024