Oh, too bad. The newer version of Swisscom's (Motorola) modem has a physical WLAN on/off button on it, which is really nice and convienient. That's something I'd like to see more WLAN routers have, because leaving your WLAN on 24/7 isn't really good/necessary, and it's a pain to log in from a desk-top to have to turn it on/off all the time. A physical switch is perfect.

Hi everyone

We would like to take advantage of the situation to rectify the security concerns mentioned in this thread:

The modem/router doesn’t carry the vulnerabilities mentioned in this thread’s title. The device is being directly provided by the manufacturer to all upc affiliates. However, the device is finally subjected to country-specific adaptations. These have been fulfilled on the software as well as the hardware level.

The manufacturer prints the individual SSIDs and passwords directly onto the bottom of the device. As these are randomly generated unique identifiers, we don’t consider this situation as being a security threat whatsoever. The WiFi encryption standard employed is WPA2 PSK – the most secure WiFi encryption standard known to date.

The modem’s not remotely accessible via its external (WAN) IP address. As the administration panel’s login credentials are generic, publicly-known identifiers, enabling external access would pose a significant security threat for the customer as well as the network. Therefore, we are blocking this access method.
However, accessing the admin panel via LAN – be it via wired or wireless connection – is possible, as long as the client trying to connect to the administration interface has already established a successful connection to the router beforehand.

As of today, the modem can’t be utilized as a bridge as-is. We will enable this functionality shortly. Same applies to the wireless button on the device’s side, which will be offered the option to be deactivated.

“Hidden SSID”
The router’s SSID isn’t being publicly broadcasted. However, as you may know, it’s possible to unscramble the SSID with appropriate tools and devices. An IP address is still not automatically acquired by those means. Maybe we can find a way to hide it.

Why aren’t all settings accessible?
This is our first offering of such a multi-purpose device. With this launch we wanted to satisfy the needs of a majority of customers who wish to access the internet wirelessly through a relatively easy to use, compact, combined modem/router device.
Incorrectly executed manipulations could impair the service quality and customer experience massively, which in turn complicates the support efforts done by our employees in the customer care department. In our opinion, the router offers a solid balance of options which covers the needs of the vast majority of our customer base.

We’d like to thank you for your comprehension and wish you many joyful hours with our new products.


upc cablecom
====================
upc-cablecom.ch
twitter.com/upc_cablecom

Do you sell Beer ?

cablecom joined the EF??

Danger! Danger!


Billag will be next...

Thank you for this response. It is nice to know Cablecom visits these forums and takes our concerns seriously.

Firstly, the title of the thread is correct. A router with a default password of "password" and no username is a security risk.
A router with the WEP key stamped on the bottom, with no user manual telling the user how to change it, is a security risk, anybody picking up the router can get the password, cleaners , service staff ;Cablecom Staff, Post Office staff could all have had sight of this password.
Passwords should be managed by the user, not stamped onto devices and kept the same, not ever being changed.

Moving on,

Will you be publishing a manual for the router or have detailed information on your web site that might avoid public discussions such as the one here ? Without such knowledge users might not know how to change the router password and encryption key, something which should be done on a regular basis.

Also, as my firmware date preceeds the fix date for the vulnerabilities concerned , can you please explain how my router has been upgraded to fix such issues ?

Also, if further problems come to light, how does a user upgrade the firmware, or are we stuck with this version for the life of the router and exposed to any future vulnerabilities ?

Also, do you see the USB port becoming enabled in future releases ? It's a real plus point to have a working USB port on a router for sharing files/printers etc.

Finally, why is the SNMP port open and responding to requests ?

All routers or other home IP products have default passwords of "admin" or something like that. How is this different? You have to be logged locally into your home network to enter the password, remote access is disabled, right?

Other ISP's usually just download new firmwares to your router, I would guess Cablecom could do the same?

Yea, why disable the USB port? Swisscoms TV box also has a castrated USB port. I was excited when I first saw it thinking I could put a USB stick there and play some media files...but noooooo. Why? Technically, it's possible and not too complicated. What do ISP's have against UBS ports?

Maybe, but you are prompted to change it on first login, and they supply a manual which shows you how.

Really ? Who does this ? I have never known an ISP to upgrade my router...Cablecom say they have no access to the router.

Swisscom, for example.
WARNING!!! Netopia 3397GP Firmware upgrade

A user initiated upgrade...by a knowledgeable fellow. Via Swisscom.

How does this apply to Cablecom ?

Huh? The Swisscom router firmware upgrade was done to me (and others) by Swisscom, without my knowledge. It was not "user initiated".

How does it apply to Cablecom? They could upgrade your routers firmware remotely. Or at least they should be able to. Call them and ask.

From The horses mouth...

What does the average Cablecom customer know about Firmware, and that it needs to be updated now and again anyhow ?

They probably mean remote access on the Layer 3 (internet) is disabled, but the ISP should still be able to access the modem on the Layer 2 link (data link layer) and do config changes and firmware upgrades. It would be a pretty bad move if Cablecom is sending out modems that they have no control over.

Any ETA on the availability of the "bridge" feature ?

I've asked Cablecom yesterday morning about getting the Ubee model instead if I change my subscription to Power Combi, after another call today afternoon they're still investigating if it's possible.

i want to log into the router page for this modem which i just received, so that i can change my wifi network name from the default UPC one and also to change the password to a WPA one.

to log into the router page for the thomson, i put in a http://192.168.0.1 into my web browser and it asks for a name and password. If i leave the name empty and type "password" into the password field, it also does not accept this as valid.

Anyone know exactly what I am doing wrong?

PM sent/replied to.

Also, try a blank username with "admin" as the password... There are variants on this. If this works, I will correct my post.

It was definitely username: "(blank)" password: "admin" for me.

I ordered the FP100 and didnt change my modem as I was happy with it. After a week my internet stopped working though as my service was changed to the new mac address of the new modem. I installed the new modem and am actually positiviely surprised. 99% of the options I wanted are included...

Sorry all, I screwed up the original post in my haste. Corrected now. Login credentials as per the above.

Hey quick question,

I tried to remotely log in to my router via WAN IP:8080 but cant. I activated the remote config setting, but the page just times out. Do I have to set up anything else?

What side of the router were you trying remote admin from ? Were you still at home or were you truly remote (at the office per se) ?

I have yet to test WAN access, and Cablecom say it is not possible...