Forum Discussion
Solved
Can I log in to my modem from a remote location?
Or do I need to be home? Asking because I want to find out which devices are connected and how much data they are consuming. Thanks.
I think it's possible, but you're going to have to have remote access set up on your home computer, and you'd have to use something like VNC to do it (due to not having a static IP). Then you'd have to remotely access the home computer to be able to access the modem's information pages. It's convoluted, but I believe this is the only way it could work.
If you're asking about a simple way to just remotely access the modem's information pages through the internet, then no, as the only way to access it is through a device directly connected to it, whether via an Ethernet cable or WiFi, hence the need to remotely access the computer directly connected to it.
If someone else knows a way I'm sure they'll reply.
maratsade wrote:Could something like LogMeIn work here?
I wonder how hard it would be to create some on demand type thing where one could sign into something like the My Account site and have it access the modem's information pages. We know that it's possible, as the reps have the ability to remote access our modem info, but I wonder how difficult it would be to make something like that available for the subscriber.
Granted, I don't know that it would be used much, but it definitely could come in handy in cases like the OP's.
Or, maybe even have it take an hourly snapshot that's uploaded to the site for later viewing. It would use a little data, for sure, but maybe not so much that it couldn't just be included in any overhead that's not counted in the first place.
Then again, I guess the end question is, would it be worth it? The OPs question is actually the first I've ever seen of this type, so maybe it wouldn't be used by enough people for them to even bother with it.
I'm just thinking out loud. Perhaps I shouldn't do that. :p
From what I've read about LogMeIn, it appears the OP could use it if it were installed at home and on a travelling laptop. Security concerns are another issue, of course, and definitely to be considered seriously, but LMI is used widely and it seems to work well, and security risks are up to the user, who may choose to take a risk in exchange for perceived benefits.
Just a few recent examples that came in direct to my server's IP to so I can drive home the security risks:
106.4.199.210 - - [11/Feb/2019:04:09:27 -0500] "CONNECT www.baidu.com HTTP/1.1" 400 0 "-" "-"
This is from a ChinaNet IP looking to proxy my server to www.baidu.com using a script that provides no user agent. I have CONNECT, OPTIONS, and PROPFIND methods all blocked, as well as anything attempting WebDAV access (another thing they like to exploit).
125.76.61.225 - - [11/Feb/2019:04:09:27 -0500] "GET http://api.ipify.org/ HTTP/1.1" 403 7187 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36Mozilla/5.01732016 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0
This is from another ChinaNet IP looking to proxy using GET instead of CONNECT using a badly faked Chrome user agent, or Firefox, can't tell because they mangled it so bad. I have others where the UA actually starts with "User-Agent:", which is mildly humorous.
I'll save you the log listing, but there's one clear script kiddie from an Alibaba Cloud IP (also China) that starts at 05:16:56 and continues until 05:20:09 with about 300 GETs and POSTs probing for specific php-based vulnerabilities, all with accurate but faked user agents. There's another one later between 15:28:03 and 15:44:11 from Tencent Cloud Computing in Beijing, amongst others such as Baidu and Huawei.
An that's not even the scary stuff, because I can easily block those with a finely honed htaccess file for the ones coming in direct via IP, and using Cloudflare for those coming in by name server.
The scary stuff are the botnets that are designed to hijack IoT devices and modems:
46.17.47.173 - - [05/Feb/2019:11:45:50 -0500] "\x16\x03\x01" 400 0 "-" "-"
185.222.211.0 - - [10/Feb/2019:17:15:35 -0500] "\x03" 400 0 "-" "-"That first one is from a Baxet server in Russia, the second from Outsource Grid in the UK, both are executing binary code.
There are others that contain inline textual code that are designed to download and replace firmware on your device (security cameras, modems, routers, etc. - anything externally addressable) so it can take control of it. I just don't have any examples atm, because they've been lying low with me lately.
The other scary ones are those that attempt rapid-fire/overload brute force logins of a Wordpress, Drupal, or other hosted blog site so they can implant malware within the hosted database and reroute visitors to get infected. Those are the ones that keep me up at night, because if they get in it's real difficult to override what they did before any real damage is already done.
So, that's my "frightened stiff" speech wrt the risks.
