Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Psi

Psi

11 posts

Geek


#119152 22-May-2013 12:30
Send private message

I installed a Tenda W150D at a friends place 2 weeks ago and their internet usage jumped
from 200-600MB/day  to  2-15GB/day.

At first i thought it was the typical reasons, unsecured Wifi/WPS, virus/rootkit on PC etc..
However after checking and ruling them all out we contacted the ISP (Telecom).
(We thought it might be someone else's usage getting crossed with theirs.)

The response back from telecom was...

----------
This is the sixth case in the last week where people with Tenda modems notice this behaviour. With 4 of my cases we have proved the fault to the Tenda modem itself, and we're waiting back on information for the fifth case. Because of this I think there is a high chance in your case that the modem is also causing the issue. Do you have another modem (maybe an old Telecom one) lying around we'd be able to plug in for the time being to prove/disprove that the Tenda modem is at fault? Alternatively would it be possible to borrow a modem off a family member for one night so we could prove the same thing?

Complex Technical Support
Telecom NZ

-----------

There are likely many other people with Tenda modems with this issue and they may not even known it.
(I have informed PBTech of the issue)

So, if you have a Tenda W150D, or any Tenda. There is a potential security risk.
(It is still unknown what the extra traffic is.)




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
johnr
19282 posts

Uber Geek
Inactive user


  #823495 22-May-2013 12:39
Send private message

Did the usage go back to normal after swapping back to the other modem?

JamesL
956 posts

Ultimate Geek
Inactive user


  #823496 22-May-2013 12:40
Send private message

It's probably an open DNS resolver issue

Try using something like this http://www.kloth.net/services/nslookup.php

Under server use the wan ip of your friend

 
 
 
 


eXDee
4025 posts

Uber Geek

Trusted

  #823549 22-May-2013 14:09
Send private message

JamesL: It's probably an open DNS resolver issue

Try using something like this http://www.kloth.net/services/nslookup.php

Under server use the wan ip of your friend


This. It'll be having no firewall enabled for DNS on the WAN interface.

Psi

Psi

11 posts

Geek


  #823554 22-May-2013 14:17
Send private message

johnr: Did the usage go back to normal after swapping back to the other modem?


I dont know yet, i just got the news today. I will probably go around to their house tonight and check.


JamesL: It's probably an open DNS resolv

er issue

Try using something like this http://www.kloth.net/services/nslookup.php

Under server use the wan ip of your friend


Thanks, i will check that tonight.

sbiddle
29284 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  #823570 22-May-2013 14:57
Send private message

eXDee:
JamesL: It's probably an open DNS resolver issue

Try using something like this http://www.kloth.net/services/nslookup.php

Under server use the wan ip of your friend


This. It'll be having no firewall enabled for DNS on the WAN interface.


I'll put $1 on it being this as well.


Psi

Psi

11 posts

Geek


  #823573 22-May-2013 15:06
Send private message

If the issue does turn out to be a WAN DNS problem should adding a pinhole from port 53 to a non existent lan IP fix it
(Assuming the router has no firewall option for DNS i can enable)

Kyanar
3214 posts

Uber Geek

Trusted
Subscriber

  #823610 22-May-2013 16:18
Send private message

Psi: If the issue does turn out to be a WAN DNS problem should adding a pinhole from port 53 to a non existent lan IP fix it
(Assuming the router has no firewall option for DNS i can enable)


Not really.  The data is counted at your ISPs end so you'll still be charged for the DNS requests coming in to your IP.

Telecom should be able to switch you to a new IP or something I'd assume.

 
 
 
 


Psi

Psi

11 posts

Geek


  #823614 22-May-2013 16:20
Send private message

Kyanar:
Psi: If the issue does turn out to be a WAN DNS problem should adding a pinhole from port 53 to a non existent lan IP fix it
(Assuming the router has no firewall option for DNS i can enable)


Not really.  The data is counted at your ISPs end so you'll still be charged for the DNS requests coming in to your IP.

Telecom should be able to switch you to a new IP or something I'd assume.


i'm aware that it wont stop traffic from being counted.

but if it stops the DNS requests from being answered then people should stop sending them.

Zeon
3645 posts

Uber Geek

Trusted

  #823648 22-May-2013 17:00
Send private message

Psi:
Kyanar:
Psi: If the issue does turn out to be a WAN DNS problem should adding a pinhole from port 53 to a non existent lan IP fix it
(Assuming the router has no firewall option for DNS i can enable)


Not really.  The data is counted at your ISPs end so you'll still be charged for the DNS requests coming in to your IP.

Telecom should be able to switch you to a new IP or something I'd assume.


i'm aware that it wont stop traffic from being counted.

but if it stops the DNS requests from being answered then people should stop sending them.


Very true.




Speedtest 2019-10-14


JamesL
956 posts

Ultimate Geek
Inactive user


  #823651 22-May-2013 17:08
Send private message

No harm trying, but I'd just scrap the modem altogether.. sounds like a cheap piece of...

eXDee
4025 posts

Uber Geek

Trusted

  #824248 23-May-2013 17:54
Send private message

Just found a user on Snap who has my old ipv4 IP with a Tenda modem, and sure enough, it responds to DNS queries.

Letting them know, hopefully they inform the customer.

edit: oh man. This thing not only presents its web interface, but responds to telnet. And when you get the password wrong... it tells you it?!

BCM96328 Broadband Router
Login: admin
Password:
______________________admin,*********_______________________



These things are shocking! And no i didn't touch anything, before anyone asks, i immediately disconnected and have sent snap a message on Twitter.

Psi

Psi

11 posts

Geek


  #824296 23-May-2013 18:28
Send private message

Wow, that really is bad.

I will post here when i have more info about this specific Tenda modem

But yeah, from what you've said this does seem to be the problem.





plambrechtsen
1948 posts

Uber Geek
Inactive user


  #824328 23-May-2013 19:13
Send private message

There are a number of modems that suffer from poor security...

Feel free to read about how the Internet Census 2012 was done.....

Thankfully all Telecom supplied modems don't suffer from this problem as we check them before the firmware gets signed off. Can't say the same for all modem providers.

So now the real question. Since the internet census is out there is the onus on customers who are running non Telecom supplied modems that are insecure be on the ISP? Or does responsibility fall on the customer?

freitasm
BDFL - Memuneh
68884 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #824333 23-May-2013 19:17
Send private message

I think if the customer buys/uses a cheap modem not supplied by the ISP then all traffic and implications of lack of security lies on customer.

Same as running a PC without antivirus then having problems...

/Devil's Advocate





 

 

These links are referral codes

 

Geekzone broadband switch | Eletcricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


cyril7
7850 posts

Uber Geek

Trusted
Subscriber

  #824334 23-May-2013 19:22
Send private message

plambrechtsen: There are a number of modems that suffer from poor security...



I dont think this counts as poor security, there are other words not suitable for prime time to describe such incompetence.

Cyril

 1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic





News »

Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.