1. Home
  2. pfSense® Software
  3. General pfSense Questions
  4. Compromised Modems

Compromised Modems

  • I

    I was just reading a news story about how hackers have found an exploit in the firmware of a modem manufacture.

    How would pfSense protect against a compromised modem since there is no way to put a firewall before the modem?

    0
  • Derelict
    LAYER 8 Netgate

    Well, it would still protect against unsolicited connections into WAN but it cannot protect what's outside of it.

    Still better than having a compromised modem that is also your firewall/router.

    Anything an ISP modem can see should be considered to be out on an untrusted network. As long as you're protecting data using encryption/authentication it doesn't really matter if the compromise is one link out or somewhere else out in the ISP's gear.

    0
  • J

    I think this depends to some extent on how you use the modem.

    If the modem initiates a PPP connection back to the ISP and you then forward all inbound WAN traffic to a PFS firewall / router then the modem probably gets a web facing address and is visible to the hackers.

    If the modem is in some form of transparent bridge mode ( many but not all bridge/routers can do this, including DSL conntion types ) and the PPP connection to the ISP is initiated by the PFS firewall/router then the modem will not get a web address so should be invisible from the web.  The "web facing" address will now be the WAN port on the PFS firewall and a hacker is faced with hacking PFS, not the modem.

    If this is incorrect please can someone explain further?

    J.

    0
  • F

    I have not read about this exploit but I know that most cellular modem modules use a CPU just like you would find in a mobile phone. These modules firmware can be updated 'over the air' by the carrier. These modules also contain a GPS device which can piggyback off the cellular antennas. So truly a Black Box if ever there was one. An embedded computer on a stick.

    In my mind the addition of GPS makes these worse than an ISP modem if only for locational data.

    On ATT Mobile I see twice as many port scans then I do with my home ISP. So somebody is looking. Maybe an easy attack surface.

    0
  • chpalmer

    @ibby1570:

    I was just reading a news story about how hackers have found an exploit in the firmware of a modem manufacture.

    How would pfSense protect against a compromised modem since there is no way to put a firewall before the modem?

    are you talking about the Puma 6 models?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy