# BSNL quirked or some Hackers dugg into my PC?



## debsuvra (Nov 15, 2007)

From yesterday, when I am using my Ubuntu Feisty, I could not able to log in to my BSNL broadband. Every time login fails, looked at the log, it says CHAP authentication failed CONNECTION TERMINATED. 

Tried my MAC, same thing, authentication failed. 

Interestingly, when I finally able to log in today evening, I was shocked to see that my a/c was credited 830 MB for using from 11:30AM to 1:00 PM. I was not even started my computer back then, not the PC nor the MAC.

I changed the password now, but is it a example of Identity theft or is it BSNL's fault.  It never happened to me before.


----------



## RCuber (Nov 15, 2007)

pls post the screen shot of the usage from 11 to 2

I guess somebody had you password.. take caution and change you router password.


----------



## cool_techie_tvm (Nov 15, 2007)

Inform the nearest Internet exchange (NIB as its known over here). U will have to give a written complaint to them. These guys will start monitoring your account for any misuse and if it occurs, the other user will be suitable billed.


----------



## debsuvra (Nov 15, 2007)

Charan said:
			
		

> pls post the screen shot of the usage from 11 to 2
> 
> I guess somebody had you password.. take caution and change you router password.




Here is the screenshot from my MAC, check if that helps..  

*img209.imageshack.us/img209/4247/damnuseik6.th.jpg

One thing is that I use my computer only myself. So if someone got my router password, then will he able to use it remotely?


----------



## cool_techie_tvm (Nov 15, 2007)

Like mentioned, dont wait for the next attack to occur. Inform the NIB tomorrow itself and they will start monitoring your account.


----------



## praka123 (Nov 15, 2007)

remember ur exchange authorities also can login to ur account!(personal experiance!) so...may be thief in the ship itself!  go to some senior officer and have a writtern complaint!


----------



## cool_techie_tvm (Nov 15, 2007)

debsuvra said:
			
		

> One thing is that I use my computer only myself. So if someone got my router password, then will he able to use it remotely?



If your router's default password has not been changed, then one can easily access your router. And if u r in pppoe mode, your credentials are stored in the router itself, as it is the router which does the authentication. And lastly if your line is not port-binded anyone else can use it remotely.


----------



## RCuber (Nov 15, 2007)

debsuvra said:
			
		

> Here is the screenshot from my MAC, check if that helps..
> 
> *img209.imageshack.us/img209/4247/damnuseik6.th.jpg
> 
> One thing is that I use my computer only myself. So if someone got my router password, then will he able to use it remotely?



I guess these are torrent activities cause there are over 150 MB uploaded. 

I had read somewhere that one can scan a range of BSNL IP addresses and try to get into their router using the default password. This may not be true but I read it somethere.. may this forum itself. This is the reason I asked to change your router password...

By any chance did you give out you password to any of your friends?


----------



## debsuvra (Nov 15, 2007)

cool_techie_tvm said:
			
		

> If your router's default password has not been changed, then one can easily access your router. And if u r in pppoe mode, your credentials are stored in the router itself, as it is the router which does the authentication. And lastly if your line is not port-binded anyone else can use it remotely.



Yeah my default passwords are not changed, but I am in bridge mode, not in PPPOE mode. So, nothing is stored on the Router, then why is this happened?

UPDATE

After changing the Connection's password, at least today the account usage is exactly what I used. Let's see what happens in coming days.


----------



## ravi_9793 (Nov 15, 2007)

Looks like some illegal usage.
Inform to BSNL office.I cant say much about BSNL broadband, because I am not a dataone user.


----------



## dinesh_ymca (Nov 15, 2007)

Hi,
You need to log a complain with their helpdesk and then take the complain number. With reference to that complain number you can talk to to their seniors and get this issue checked. Also check that your pc is not having any virus. Scan your pc.
Regards
Dinesh
*Knowurtech.com
( Good technical articles )


----------



## ravi_9793 (Nov 15, 2007)

dinesh_ymca said:
			
		

> Also check that your pc is not having any virus. Scan your pc.


He has already mention that he has not used his PC for that period.Than how can any virus use bandwidth during those times.


----------



## debsuvra (Nov 15, 2007)

ravi_9793 said:
			
		

> He has already mention that he has not used his PC for that period.Than how can any virus use bandwidth during those times.


Yeah, I think this is a event of a keylogging or trojan. But I wonder how they managed to break into my MAC. I already heard of the MAC trojan, but I am sure I don't have it.


----------



## ravi_9793 (Nov 15, 2007)

debsuvra said:
			
		

> Yeah, I think this is a event of a keylogging or trojan. But I wonder how they managed to break into my MAC. I already heard of the MAC trojan, but I am sure I don't have it.


It can be done by some other ways also.


----------



## hmmmmmmmmmmmmm (Nov 15, 2007)

chnage ur router passrd dude..n dont use PPOE

lol..


----------



## ravi_9793 (Nov 15, 2007)

hmmmmmmmmmmmmm said:
			
		

> chnage ur router passrd dude..n dont use PPOE
> 
> lol..


yes..it is always recommended to change default password of modem/router...but No issue with PPPoE protocol.


----------



## praka123 (Nov 15, 2007)

bridge mode is better?atleast for linux/unix.i dont know passwd security in window$!


----------



## bluepearl (Nov 16, 2007)

Anybody for PPPoE
What is it?
I am on a shared modem connection
What is a router password and how to change it?

Is it the same one which I got from ISP as username/password?

I got similar problems with my YOU tele PPPoE connection 
I done torrent downloads of 150 Mbs
plus some Fedora updates of 200 Mbs

But in the bills it was 1200 MBs!! in 4 hrs??

Do they count torrent uploads too ??


----------



## RCuber (Nov 16, 2007)

^^ PPPoE is the technique which enables your modem/router to dial to your ISP instead of you having to enter password all the time. All routers/modems have configuration like WAN settings , NAT , DHCP ,firewall, PPPoE username/password etc etc, and to change that your need to access the routers settings page. 

You will access that page using a browser and entering the web address as 192.168.1.1 which is standard for most routers. These settings page require you to provide  a password , cause if there is no password anyone can change the settings .. 

By default the username is "admin" and password is also "admin"


----------



## ravi_9793 (Nov 16, 2007)

bluepearl said:
			
		

> Anybody for PPPoE
> What is it?


PPPoE is protocol and make our internet connection always ON.With PPPoE , we need only to turn ON our PC, and internet is connected.No dialing as like Dial Up connection.

PPPOE works on Dynamic IP.

PPoE gives following advantages:
1) Keeps Changing IP every time customer LOGINS.
2) Best suited for Residential Users.
3) Saves IP for service provider.



> I am on a shared modem connection
> What is a router password and how to change it?



For this you need to read user manual.All beetal modem default:
username-->> admin
password-->> password , it can be admin also for some modem.



> Is it the same one which I got from ISP as username/password?


No, this is different, and remember to change the default password given by your ISP.



> I got similar problems with my YOU tele PPPoE connection
> I done torrent downloads of 150 Mbs
> plus some Fedora updates of 200 Mbs
> 
> But in the bills it was 1200 MBs!! in 4 hrs??


yes..they will count upload also..because you are using bandwidth.

Do they count torrent uploads too ??[/QUOTE]


----------



## max_demon (Nov 16, 2007)

i am on bridge mode , i never was able to login with my hacked ids dunno why 
it is impossible to hack


----------



## ravi_9793 (Nov 16, 2007)

max_demon said:
			
		

> i am on bridge mode , i never was able to login with my hacked ids dunno why
> it is impossible to hack


I am not getting you exactly..can you explain little more.


----------



## bluepearl (Nov 17, 2007)

Thanks charan and ravi that was really helpful

But Ravi 192.168.1.1 is not opening up
Where to provide username/password ??


----------



## ravi_9793 (Nov 17, 2007)

bluepearl said:
			
		

> Thanks charan and ravi that was really helpful
> 
> But Ravi 192.168.1.1 is not opening up
> Where to provide username/password ??


you should enter gateway address in browser.
The default gateway is generally 192.168.1.1
but it may be different in your modem.Try this:
start-->>run-->> type cmd and press enter
Command prompt will open.There type
ipconfig/all

you will get the default gateway address.


----------



## max_demon (Nov 17, 2007)

ravi , i hacked many id's and i can log in to their bsnl acc. but i cant use their net .


----------



## ravi_9793 (Nov 17, 2007)

max_demon said:
			
		

> ravi , i hacked many id's and i can log in to their bsnl acc. but i cant use their net .


how did you hacked many IDs..and why you can't use them???


----------



## [xubz] (Nov 17, 2007)

ravi_9793 said:
			
		

> how did you hacked many IDs..and why you can't use them???


AFAIK, BSNL started Port-Binding all the accounts not-so-long-ago. (i.e. your Dataone account works only with the current port (in the DSLAM) your line is connected to)

I donno if thats the case with all the towns/cities, but it sure is in Bangalore.


----------



## ravi_9793 (Nov 17, 2007)

yaa......
BSNL has also done port binding..but I wonder how he hacked other accounts username and password.


----------



## [xubz] (Nov 17, 2007)

ravi_9793 said:
			
		

> yaa......
> BSNL has also done port binding..but I wonder how he hacked other accounts username and password.


Well, The default they gave me was 'password' when I got my Connection 2 months ago. 

So you can guess.


----------



## ravi_9793 (Nov 17, 2007)

^^^^^^^^^
ok got now.
Actually Airtel also used to give something like this, like suppose ur ID is
XXXXXXXX_xyz@airtelbroadband.in

than your password will be :
XXXXXXXX_xyz

But now they have changed, they give unique password to all user, also they have done port binding.


----------

