Converge ICT, one of the Major ISP's in the Philippines, has shipped ALL their Fiber ZTE F760L Modem Routers, with serious Security issues, they are listed here and below each issue, is the solution :
1. All the ZTE F760L modems come with a standard Setup password, the same on ALL the modems, and someone in Converge ICT has leaked this password to the internet, so anyone can access the modems and change whatever they want.
This is really bad, and happened because Converge ICT careless IT Department cloned all the modems with the same Config file, and didn't bother to assign individual Password linked to each modems serial number, before shipping them out. I raised this issue with them 2 years ago, but nothing has been done to rectify the situation, they just ignored it(as usual). I have raised it with them again, but still nothing has been done.
Solution : Access the modem on http://192.168.1.1 with
Username admin
Password Converge@zte123
Go to Administration -> User User Management ->WEB User Management
Type in the standard password from Converge ICT in Old Password Converge@zte123
Then type your New password make sure it is at least 8 characters long and has special signs. I would make it longer than 8 characters, as AI now can hack your password, since some Dumbasses carelessly made it available to anyone in the world(Google, Microsoft).
Confirm the New password
Click on SUBMIT in bottom right corner of the Setup screen.
You have now saved yourself from serious future headaches.
2. The WIFI password is written on the back of the modem, this again pose a serious Security issue, because anyone who can see the back of the modem, can access it through WIFI.
Solution : You have to change the standard password to one of your own.
Login into the modem on 5Ghz, as you did above, then go to Network -> WLAN Radio2.4G- > Security
Here you click the small check box next to WPA Passphrase, delete what is there and type your own WIFI password, make it longer than 8 characters and use special signs, when finished Click on SUBMIT in the bottom right corner of the screen.
Make sure to login to 2.4Ghz with this new password and make sure to write it down.
Next, Login into the modem on 2.4Ghz, as you did above, then go to Network -> WLAN Radio5G- > Security
Here you click the small check box next to WPA Passphrase, delete what is there and type your own WIFI password(For convenience you can use the same password as you did with the 2.4Ghz WIFI, or make a different one), make it longer than 8 characters and use special signs, when finished Click on SUBMIT in the bottom right corner of the screen.
Make sure to login to 5Ghz with this new password and make sure to write it down.
3. There is another security issue, Converge ICT set the modem to be able to accept any login through WIFI, all you need is the password, this is ok but this modem is not secure enough and anyone with a Password scanner app can get the Password to your WIFI, then use your internet for whatever they want, even illegal activities. Converge is aware of this, because I told them, they just don't care to fix it!
NOTE : Be aware, the following fix means that nobody can access your WIFI unless you add them yourself! Just do the same as below, for anyone you want to add to your WIFI.
Solution : Find your phones MAC Address either in your settings or on the Box it came in, write it down as you will need it next. Also make sure your phone is set to use Device MAC Address and not Randomized MAC Address.
Login to your WIFI as 5Ghz, go to Network -> WLAN Radio2.4G -> Access Control List and change the Mode from Disabled to Permit.
In the small boxes below add your MAC Address and click on Add, then click on SUBMIT. Make sure you can connect to the 2.4Ghz WIFI and then continue to next step.
If you can't connect, make sure your MAC Address is correct in the list below, if not then add the correct MAC Address and delete the wrong one.
Now login to the 2.4Ghz WIFI, go to Network -> WLAN Radio5G -> Access Control List and change the Mode from Disabled to Permit.
In the small boxes below add your MAC Address and click on Add, then click on SUBMIT. Make sure you can connect to the 5Ghz WIFI.
NOTE : If your Phone has different MAC Addresses for 2.4Ghz and 5Ghz, make sure to use the correct ones. Most cheap phones only have 1 MAC Address.
4. Converge ICT left the modem open to hackers, by not enabling Anti-Hacking Protection, I seriously don't understand this one, it means that anyone can hack your modem. A friend of mine has 21 unwanted users on his WIFI, I will be going there to fix that in the near future.
Solution : Go to Security -> Firewall and put a check in Enable Anti-Hacking Protection, then click on SUBMIT.
This what you can expect from Converge ICT, I can't recommend anyone to chose them as their ISP, their service level is good in the start, but after some time its really bad.
If you have issue with your connection, you might have to contact them 20 times before they fix it - IF they fix it - I am 3 months in a service, or lack of, that should have been fixed on April 23(they came April 28), my Fiber cable has a break that show up in strong wind, and only strong wind, so it can't be detected in their office or on the modem, because its Random and only for a few seconds to minutes. But it break any up/download! Support never read what I write, always assign new case numbers, and every new Agent have me do stupid shit to troubleshoot, which I have done 20 times before.
Stay safe and have a nice day😉
No comments:
Post a Comment
If you have comments then feel free to write them here. Please write in either english or danish, but no other languages(the comment will be removed) and no spam or advertizing please(it will be repported to Google).