About the features of the security settings "Internet from MGTS"
Now in the South-Western Administrative District of Moscow (and perhaps throughout the entire capital) MGTS telephone equipment is being replaced - two-core copper wires are being replaced with optical fiber. Engineers come to your home, install a router, plug in your old RJ11, and the copper wire is de-energized. This is done for free and rather obtrusively, MGTS claims that those subscribers who now refuse to replace equipment for free will later have to do the same for their money (which, apparently, is directly against the laws, but the post is not about that). The router, of course, is powered from a 220V outlet, i.e. The subscriber's bill for electricity will now be more. In addition, if electricity is turned off in the house, the landline phone also turns off (since the router is de-energized). But it is not about that either.
It's about the amazing resourcefulness of MGTS engineers who came up with the following “system” of WiFi security settings for these routers. Each such router has a mgts278 format SSID, where the number 278 is the apartment number in which the device is installed. And the password to this router has the format 4954257998, i.e. just the phone number of the apartment. At the same time, ALL subscribers in the router have Internet, which is distributed according to this SSID. Specific examples: one subscriber uses the Internet of another provider, but his MGTS-router conducts Internet broadcasting according to the scheme described above. Another subscriber at home does not have a single computer at all, but she also has a WiFi network and distributes the Internet.
But free internet is good. Bad is another. It is enough for a potential attacker to learn how to associate an apartment number and a telephone number in order to, say, leave the whole house without a fixed connection, calling on each router and destroying or changing IP-telephony profiles (and at the same time IP-TV, if the subscriber has ). Or, say, you can try to steal someone's city number (as they used to steal ICQ numbers), simply by changing the MAC addresses of your and others router (this, however, is only my hypothesis).
I gave examples of quite specific ones, I visited these routers myself. mgts278 is the name of the network of the apartment where I live (and its number is 4954257998). Of course, I changed the password from the network on my router, but many people who are not obliged to understand this at all, and MGTS leaves their city phone completely vulnerable to the attack options described above.
It's about the amazing resourcefulness of MGTS engineers who came up with the following “system” of WiFi security settings for these routers. Each such router has a mgts278 format SSID, where the number 278 is the apartment number in which the device is installed. And the password to this router has the format 4954257998, i.e. just the phone number of the apartment. At the same time, ALL subscribers in the router have Internet, which is distributed according to this SSID. Specific examples: one subscriber uses the Internet of another provider, but his MGTS-router conducts Internet broadcasting according to the scheme described above. Another subscriber at home does not have a single computer at all, but she also has a WiFi network and distributes the Internet.
But free internet is good. Bad is another. It is enough for a potential attacker to learn how to associate an apartment number and a telephone number in order to, say, leave the whole house without a fixed connection, calling on each router and destroying or changing IP-telephony profiles (and at the same time IP-TV, if the subscriber has ). Or, say, you can try to steal someone's city number (as they used to steal ICQ numbers), simply by changing the MAC addresses of your and others router (this, however, is only my hypothesis).
I gave examples of quite specific ones, I visited these routers myself. mgts278 is the name of the network of the apartment where I live (and its number is 4954257998). Of course, I changed the password from the network on my router, but many people who are not obliged to understand this at all, and MGTS leaves their city phone completely vulnerable to the attack options described above.
')
Source: https://habr.com/ru/post/185546/
All Articles