SLT Fibre is not Safe. Here’s the Solution
Did you know your “SLT Fibre” subscription could risk your privacy and data? A few days ago, I watched in dismay as an SLT technical team left my employer’s premises after installing an optical fibre connection without changing the default security settings. Yes! SLT Technicians have a wild west reputation for not securing new optical fibre installations properly. This is a threat because in Sri Lanka SLT Fibre is gaining ground among home users and business users. With each new SLT Fibre subscription, these technicians leave another subscriber exposed to a vast array of attacks. So today I want to share four steps to securing your SLT Fibre connection. While the last two steps are optional you must follow the first two steps with every new SLT Fibre subscription or any time you reset the router.
Change the default WiFi Password
Most home routers have their default WiFi password and the admin password printed at its base and the ZTE ZXHN F660 is not an exception. I attempted connecting to WiFi with that password and voila! I got online! When a malicious user connects to your WiFi, in addition to stealing your internet bandwidth he can take control of your internal network with the least effort (PCs, Smart Devices, Baby Monitors, CCTV etc.) All he needs to know is your router Make/Model and Google can find him the default WiFi password. Therefore, change it.
Change the default Admin Password
Unlike most routers, the ZTE ZXHN F660 doesn’t ship with the admin password printed at its base. However, default admin passwords for most routers are available online and the F660 isn’t off the hook. I found the login details by referring to the user manual SLT issues to its “SLT Fibre” customers (available online). In this case, I learned the default username is “user” as well as the default password. A malicious user gaining access to your router armed with this information can execute many unauthorized activities like rebooting the router during a Zoom meeting or mounting a DNS rebinding attack. Therefore, change it.
Change the default WiFi SSID
Like every other home router, the ZTE ZXHN F660 issued by SLT also broadcasts a default SSID. Usually, it’s SLT_FIBRE or a similar phrase. The problem with this SSID is you are advertising to the rest of the neighbourhood that you are the proud owner of an SLT Fibre subscription enticing snoopy teens to try and hack your WiFi signals to steal bandwidth. Change the SSID to anything but don’t use the term “fibre” in it. It’s nothing much but the idea here is to do everything in your ability to shield your SLT Fibre subscription from potential abuse.
Enable MAC Filtering & Install FING
These steps are no-brainers. With MAC Spoofing techniques you don’t need to make much of an effort to bypass MAC Filtering but like I said earlier the idea here is to do everything in your ability to shield your SLT Fibre subscription from potential abuse. Read “MAC Address Filtering: What It Is and How It Works” by Bradley Mitchell if you don’t know what MAC filtering is (No, it has nothing to do with McDonald’s!). Finally, get FING (Freemium App) for a bird’s eye view of all the devices connected to your router.
ISPs are directly responsible for securing the internet connections they provide to their customers. However, no amount of finger-pointing can reverse the damage caused by a malicious user. Therefore, we should be aware of even the basic measures we can take to protect our information. Although I wrote this post around the issues related to SLT Fibre, I have also spotted the same issues with other internet service providers. For example, Dialog doesn’t warn the customers to change the default admin credentials and WiFi passwords in the 4G routers they issue to Dialog 4G Home Broadband users. Therefore, you can follow the above instructions with every internet connection regardless of the ISP. Use this form to submit a tech support request in the event you do not know how to implement these instructions yourself. I will be glad to help you for a nominal fee.
I seek to foster thoughtful and respectful dialogue. Toward that end, I require that you use your full name when commenting. Also, any comments with profanity, name-calling, and/or a nasty tone will be deleted.