Today the software and the devices we use are more data intensive and the amount of data they are using is quite high.
SLT or Sri Lanka Telecom forced users like me to chance to a connection which provides higher data speeds,yet having a Fair Usage Policy Quota by making the previous connection very slow.
But now this quota is proving to be not enough and needs to be increased if we are to have a proper internet experience.
Youtube, Facebook and all the other commonly used websites now stream all the media in HD. So if you watch a 20 minute video it consumes more than 1GB. How on earth we are supposed to cope with 20GB???
I am a regular internet user who has not downloaded a single torrent in the last month. Yet my speeds are reduced. Is this really Fair??
Join with me to sign the following petition on Change.Org and force SLT to be more customer focused than being just another ISP.
Short URL: http://tiny.cc/sltadsl
Actually any system or device has the risk of being hacked. But if you are not using the available security measures then you can easily get hacked. It’s the same issue with SLT ADSL users also. Many don’t know the security level of the equipment they use and also an average user may not have all the technical capabilities about routers and other networking stuff. So if a user gets hacked or his accounts get misused who gets the responsibility. I’m quite sure SLT want, but actually they should be held responsible for configuring the equipment insecurely.
I will not tell how to hack through SLT routers, but I will explain the possibility of these threats.
- If I have the knowledge on the SLT ADSL assigned IP ranges I can do a port scanning to find the active IPs and even the services running on the on various ports. For this there are more than enough port scanners and vulnerability scanners available. You can Google if you really want to know about them. There are very good open source tools available such as nmap.
- Main issue with SLT is that when they configure the routers they keep the default device passwords intact.
- So when trying to logon to those IPs most of the time the router models are also revealed and you can easily find the default password from the manufacturer’s site.
If you cannot find the manufacturer still there are only very few username, password combinations. You can try few randomly.
- Admin, admin
- Admin, 12345678
Other than a few knowledgeable users everyone else are using the default passwords.
- Get access to the router and you could steal the ADSL user name and password. (If you have a low bandwidth connection or a lesser quota remaining then you can hack and use someone else’s user details. this was possible some time back and I’m not sure whether SLT has blocked this)
- Allow access to various protocols and ports
- You name it …
- Also the standard routes provided with SLT are not having the comprehensive security which most of the other widely available routers have. So it’s ideal if you only buy the connection from SLT and buy a known router which has most of the security enabled by default. Don’t fall for offers they give on routers. The seasonal cheap price is the actual price they buy the routers from the manufacturers. So you can expect advanced security 😛
Also many users have their wireless security off so the neighbors don’t need to buy an internet connection. You may think that you don’t need this but there is a huge risk in this. You are trying to stop external attacks with antiviruses and firewalls. But a person who comes to an unsecured network will not be an outsider. So the attacks are much easier. They can hack into most of the computers routers and completely destroy the network. Any criminal activities carried out through your network will be on your account. So better to be careful I guess 😛
There are laws but very few know about them and very few will know and use them. Even if they use them a hacker will be very careful to leave very few traces.
SLT should never configure the equipment with these two vulnerabilities for their own benefit and make the users unsecure. Of course if you are savvy on this better to implement this or get the services of a savvy person.
Related Posts: Sri Lanka Telecom: Increase the data quota given for ADSL Connections