Re: Yondoo provided router, has "password" as admin pw, won't let us change it

Wed Feb 8 16:22:14 UTC 2023

The first router would still be vulnerable, and through it the second router.

On 8 February 2023 16:06:07 UTC, Josh Luthman <josh at imaginenetworksllc.com> wrote:
>What's the problem with double NAT?  I can't imagine an elderly mom trying
>to host Xbox games - which is 95% of the problem with double NAT these days
>(the other 5% being Ubiquiti bros having to access their Unifi router from
>anywhere).
>
>Your screenshots didn't come through, I suspect it's stripped via the
>mailing list, but there's no model number specified anywhere.
>
>NANOG really isn't the best place for this, but I don't know where else you
>would be able to go besides what you've already done:  Yondoo support.
>
>On Tue, Feb 7, 2023 at 9:17 AM TACACS Macaque via NANOG <nanog at nanog.org>
>wrote:
>
>> Hi,
>>
>> Long time lurker, first time poster. Sorry in advance if this is the wrong
>> forum for something like this.
>>
>> My mom's ISP (Yondoo) seems to be providing DOCSIS 3.1 CPE (Customer
>> Premises Equipment) with a built-in router, without providing the ability
>> to change the admin password from "password" on it.
>>
>> [image: Screenshot 2023-02-03 at 9.49.15 PM.png]
>>
>> [image: Screenshot 2023-02-03 at 9.51.51 PM.png]
>>
>> Their customer service rep said that this is not only WAI, but also wanted
>> to charge her $50 to have a tech come out and change it. Which is obviously
>> less than ideal.
>>
>> That aside, this seems like a pretty egregious security standard which,
>> from my understanding, can have fairly dire security implications... e.g.,
>> DNS server settings can be pointed at whatever someone wants here.
>>
>> My mom is elderly and had already fallen victim to a call center scammer a
>> couple years ago. They briefly took control over her laptop before she
>> called for backup. So I'm just a little concerned that we have no control
>> over changing this router's admin password — from “password” — in a pinch,
>> without waiting for a truck roll && shelling out $50.
>>
>> I've sent her a DOCSIS 3.1 modem that doesn't have a router built-in, in
>> hopes that they'll let us bring our own. She does have Google Wifi, but we
>> can't even put their router into bridge mode. So she would be double NATed
>> *and* have no control over changing the admin password on the first
>> router.
>>
>> Anyone have any experience with Yondoo? I've tried reaching out to them on
>> multiple fronts, but have yet to hear back from them on this. A tech is
>> scheduled to come out tomorrow, so the plan is to beg (bribe?) them to let
>> us use our own modem and then take it from there.
>>
>> Thanks,
>> Todd
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230208/384c87b4/attachment.html>