Hughesnet Community

Can I log in to my modem from a remote location?

cancel
Showing results for 
Search instead for 
Did you mean: 
lorrie
Sophomore

Can I log in to my modem from a remote location?

Or do I need to be home?  Asking because I want to find out which devices are connected and how much data they are consuming.

 

Thanks.

1 ACCEPTED SOLUTION
GabeU
Distinguished Professor IV

@lorrie 

 

I think it's possible, but you're going to have to have remote access set up on your home computer, and you'd have to use something like VNC to do it (due to not having a static IP).  Then you'd have to remotely access the home computer to be able to access the modem's information pages.  It's convoluted, but I believe this is the only way it could work.  

 

If you're asking about a simple way to just remotely access the modem's information pages through the internet, then no, as the only way to access it is through a device directly connected to it, whether via an Ethernet cable or WiFi, hence the need to remotely access the computer directly connected to it.  

 

If someone else knows a way I'm sure they'll reply.  

View solution in original post

12 REPLIES 12
GabeU
Distinguished Professor IV

@lorrie 

 

I think it's possible, but you're going to have to have remote access set up on your home computer, and you'd have to use something like VNC to do it (due to not having a static IP).  Then you'd have to remotely access the home computer to be able to access the modem's information pages.  It's convoluted, but I believe this is the only way it could work.  

 

If you're asking about a simple way to just remotely access the modem's information pages through the internet, then no, as the only way to access it is through a device directly connected to it, whether via an Ethernet cable or WiFi, hence the need to remotely access the computer directly connected to it.  

 

If someone else knows a way I'm sure they'll reply.  

thank you.  I ask because I travel a lot for my job and need to make sure that when I come home to work from home, I still have data left (assuming the speed issues improve).  

If all you need to do is check your usage status, you can check it on your account web page from anywhere.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV


@MarkJFine wrote:

If all you need to do is check your usage status, you can check it on your account web page from anywhere.


While that's true for the overall data usage, it's not going to show her what's connected.  Still, even the modem pages aren't going to show her how much data each device is using.  Only a good 3rd party router with applicable software/firmware can do that.  Well, that and/or some type of data monitoring software, like Glasswire, installed on each device.    


@GabeU wrote:


While that's true for the overall data usage, it's not going to show her what's connected...


Right, but she's looking for something to look at when not at home, and just to see if there's data left.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV


@MarkJFine wrote:

@GabeU wrote:


While that's true for the overall data usage, it's not going to show her what's connected...


Right, but she's looking for something to look at when not at home, and just to see if there's data left.


That's not what I got from her opening post, but yes, she'll be able to do that.  

 

What I got was that, while away, she wants to be able to see what is connected, or was connected, and how much data each of those things used.  And to make sure that she still has some data when she gets home, which she'll be able to see from going online. 

 

Edit:  And I completely missed her reply to my post that alluded to what you stated. 

maratsade
Distinguished Professor IV

I got the same impression from this: "I want to find out which devices are connected and how much data they are consuming."  

 

Could something like LogMeIn work here?

 


@GabeU wrote:

What I got was that, while away, she wants to be able to see what is connected, or was connected, and how much data each of those things used.  


 

GabeU
Distinguished Professor IV


@maratsade wrote: 

Could something like LogMeIn work here?



@MarkJFine 

 

I wonder how hard it would be to create some on demand type thing where one could sign into something like the My Account site and have it access the modem's information pages.  We know that it's possible, as the reps have the ability to remote access our modem info, but I wonder how difficult it would be to make something like that available for the subscriber.  

 

Granted, I don't know that it would be used much, but it definitely could come in handy in cases like the OP's.  

 

Or, maybe even have it take an hourly snapshot that's uploaded to the site for later viewing.  It would use a little data, for sure, but maybe not so much that it couldn't just be included in any overhead that's not counted in the first place.  

 

Then again, I guess the end question is, would it be worth it?  The OPs question is actually the first I've ever seen of this type, so maybe it wouldn't be used by enough people for them to even bother with it.  

 

I'm just thinking out loud.  Perhaps I shouldn't do that.  😛  

I would think between the page I stated and the old by-hour thing (if it still exists) would work fine for what's needed.

Right now the modem doesn't show historic usage by device, but does show what's currently connected. Not sure how helpful that is because whatever was using data could have already disconnected and there's no way to discern the two... yet.

 

Technically, we know it's possible to make this available remotely 'somewhere'. The question we're not asking is 'should we'.

 

When it comes to things like this sometimes it's better to keep data that might be available out in the open to a minimum for security purposes. You certainly don't want someone being able to log directly into your modem to update it with something cURLed via remote code from a DigitalOcean, Alibaba, or Baidu botnet server so it becomes part of someone's Bitcoin mining operation (as an example).

 

I see logs of these kinds of things meant for IoT devices on a daily basis. They are indiscriminate and attack things incrementally sweeping through IPs with no DNS involved, looking for targets, using php vulnerability probing scripts that are as long as my arm. And, they're getting sneaky enough to use open proxies to hide behind so all you know is the signature of the attack, but no proof of the source.

 

Realize that sounds pretty grim, almost tin-hatted, but it's reality. I just spent two hours just dealing with the shenanigans my one site got hit with today.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV


@MarkJFine wrote:

I would think between the page I stated and the old by-hour thing (if it still exists) would work fine for what's needed.

Right now the modem doesn't show historic usage by device, but does show what's currently connected. Not sure how helpful that is because whatever was using data could have already disconnected and there's no way to discern the two... yet.

 

Technically, we know it's possible to make this available remotely 'somewhere'. The question we're not asking is 'should we'.

 

When it comes to things like this sometimes it's better to keep data that might be available out in the open to a minimum for security purposes. You certainly don't want someone being able to log directly into your modem to update it with something cURLed via remote code from a DigitalOcean, Alibaba, or Baidu botnet server so it becomes part of someone's Bitcoin mining operation (as an example).

 

I see logs of these kinds of things meant for IoT devices on a daily basis. They are indiscriminate and attack things incrementally sweeping through IPs with no DNS involved, looking for targets, using php vulnerability probing scripts that are as long as my arm. And, they're getting sneaky enough to use open proxies to hide behind so all you know is the signature of the attack, but no proof of the source.

 

Realize that sounds pretty grim, almost tin-hatted, but it's reality. I just spent two hours just dealing with the shenanigans my one site got hit with today.


Good reasons to not do it.  That's why I included you in the question.  You know better about this kind of stuff than I do.  

maratsade
Distinguished Professor IV

From what I've read about LogMeIn, it appears the OP could use it if it were installed at home and on a travelling laptop.  Security concerns are another issue, of course, and definitely to be considered seriously, but LMI is used widely and it seems to work well, and security risks are up to the user, who may choose to take a risk in exchange for perceived benefits. 

Just a few recent examples that came in direct to my server's IP to so I can drive home the security risks:

 

106.4.199.210 - - [11/Feb/2019:04:09:27 -0500] "CONNECT www.baidu.com HTTP/1.1" 400 0 "-" "-"

This is from a ChinaNet IP looking to proxy my server to www.baidu.com using a script that provides no user agent. I have CONNECT, OPTIONS, and PROPFIND methods all blocked, as well as anything attempting WebDAV access (another thing they like to exploit).

 

125.76.61.225 - - [11/Feb/2019:04:09:27 -0500] "GET http://api.ipify.org/ HTTP/1.1" 403 7187 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36Mozilla/5.01732016 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0

This is from another ChinaNet IP looking to proxy using GET instead of CONNECT using a badly faked Chrome user agent, or Firefox, can't tell because they mangled it so bad. I have others where the UA actually starts with "User-Agent:", which is mildly humorous.

 

I'll save you the log listing, but there's one clear script kiddie from an Alibaba Cloud IP (also China) that starts at 05:16:56 and continues until 05:20:09 with about 300 GETs and POSTs probing for specific php-based vulnerabilities, all with accurate but faked user agents. There's another one later between 15:28:03 and 15:44:11 from Tencent Cloud Computing in Beijing, amongst others such as Baidu and Huawei.

 

An that's not even the scary stuff, because I can easily block those with a finely honed htaccess file for the ones coming in direct via IP, and using Cloudflare for those coming in by name server.

The scary stuff are the botnets that are designed to hijack IoT devices and modems:
46.17.47.173 - - [05/Feb/2019:11:45:50 -0500] "\x16\x03\x01" 400 0 "-" "-"
185.222.211.0 - - [10/Feb/2019:17:15:35 -0500] "\x03" 400 0 "-" "-"

That first one is from a Baxet server in Russia, the second from Outsource Grid in the UK, both are executing binary code.

 

There are others that contain inline textual code that are designed to download and replace firmware on your device (security cameras, modems, routers, etc. - anything externally addressable) so it can take control of it. I just don't have any examples atm, because they've been lying low with me lately.

 

The other scary ones are those that attempt rapid-fire/overload brute force logins of a Wordpress, Drupal, or other hosted blog site so they can implant malware within the hosted database and reroute visitors to get infected. Those are the ones that keep me up at night, because if they get in it's real difficult to override what they did before any real damage is already done.

 

So, that's my "frightened stiff" speech wrt the risks.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.