by moe4joey
538 days ago
Fiber can be connected at the PON usually; a lot of FTTH providers use splitters that are in a neighborhood. This is never done, for obvious reasons (usually the ONT is just set to a "locked" state if someone doesn't pay). I'm not sure about how well these exploits would work on the fiber ISP I used to work at - most of the protections for "bad" ONT behavior are related to the light (a laser being stuck on or something else), in which case the ONT will throw an alarm and be disconnected automatically and a technician usually goes out and replaces it, restarts it, or they fix the fiber itself. There were some protections against malicious behavior as well, but you could certainly tell the vendor designed much more for physical issues with the ONT that could harm other customers rather than someone hacking the ONT. (AFAIK our ONTs didn't have an HTTP interface, but they were a lot different than the ones mentioned in this write-up and were controlled via proprietary vendor software - still interested to know if they were able to be owned like this.)

OLT should inject VLANs based on MAC/ID of the ONT+PON port; the only real vulnerability in ones I've designed is if someone on the same PON knows someone else's SN and their service was subscribed but ONT unplugged.