For the series, big telcos are evil. Why did we subscribe an account with British Telecom then? Dont ask. But here I am, and for your own amusement (certainly not mine) I'm gonna tell you about this fine piece of hw they provide with their home adsl. Here it is in all its beauty:

Yes, it looks like a big fatty ipod! But it doesn't play your music and the interface's design isn't as clever, neither are its functionalities. Defaults are quite interesting: wireless enabled, no encryption, default admin/admin user/password, and if you connect to it you're greeted with a nice page disclosing lots of info about your settings, which is what the guest user has privs for.

The least you want to do at this point is to delete the guest user and change the admin password (if you wanted you could also create a different root user and get rid of the admin one). You cant even disable access to the control interface via wireless, like in all the routers I've seen in my life (*sigh*), so default settings arent really an option.Also it seems that whoever designed that thing decided that logging out was just a complication so it's been removed, thus if you share your box/user with someone and have logged in be aware that he/she has access to the router's configuration

The MAC filtering functionality has been reworked into an "allow by registration" permission level plus a scanning functionality, ie rather than having to input the MAC address you just scan for reachable devices and add it to the list. This is actually quite nice, altho the MAC filtering thingie is useless (see this article).

Then comes the most interesting part, NAT, or how they call it "Games an App sharing" *shurg*. Lame, isn't it? But there's worse: to help the user out when you create a new rule you can pick up a port/service from a predefined list, and that's cool. There's just a little problem: if it's not in the list you cant define it so forget egress, it cant be done :/.

In the latest version they actually removed the option but the previous versions of the firmware featured a "very nice" content filtering tab, which didn't say much but "Your web traffic is filtered". One could guess some form of filtering ala Squid but finding details was impossible and BT's customer support wouldn't know. Now that the option is gone I wonder what happened to that functionality, as far as I know it could still be there :/. Altho I haven't noticed any website being denied or content missing, so they might as well have completely disabled that functionality.

But the true horror is the auto-update functionality. The ISP has the rights, by an undocumented, unrequested and unsubscribable service, to upload new firmware to your router. And you should know what that means: if they can do it, so can someone else. I'll try to play with it shortly, see what I can get, maybe point some fuzzer at it, the best would be some ATM sniffer in front of it. If you are interested stay tuned!