Anyone running C-Data OLTs?

Mel Beckman mel at beckman.org
Fri Jul 10 20:01:24 UTC 2020


The “WAN” port of an OLT _is_ its management port. Data, IPTV, and VoIP traffic pass on VLANs, typically encrypted. These are passive optical network (PON) devices, where all CPE in a group of, say, 32 premises receive the same light via an optical splitter. Thus network partitioning is a requirement of the architecture. There is no concept of a traditional “WAN” port facing the Internet.

-mel via cell

On Jul 10, 2020, at 12:21 PM, Owen DeLong <owen at delong.com> wrote:


Um, from the article it appears that this isn’t on the Management interface, but the WAN port of the OLT.

Owen


On Jul 10, 2020, at 11:01, Mel Beckman <mel at beckman.org> wrote:

But who, who I ask, opens their management interface to the public Internet?!?!

Maybe this is a vulnerability if you have a compromised management network, but anybody who opens CPE up to the Internet is just barking mad :-)

-mel via cell

On Jul 10, 2020, at 10:00 AM, Owen DeLong <owen at delong.com> wrote:

 https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/?ftag=TRE-03-10aaa6b&bhid=29077120342825113007211255328545&mid=12920625&cid=2211510872

Wow… Just wow.

Owen

