Forum Discussion
Can I log in to my modem from a remote location?
Or do I need to be home? Asking because I want to find out which devices are connected and how much data they are consuming. Thanks.
I think it's possible, but you're going to have to have remote access set up on your home computer, and you'd have to use something like VNC to do it (due to not having a static IP). Then you'd have to remotely access the home computer to be able to access the modem's information pages. It's convoluted, but I believe this is the only way it could work.
If you're asking about a simple way to just remotely access the modem's information pages through the internet, then no, as the only way to access it is through a device directly connected to it, whether via an Ethernet cable or WiFi, hence the need to remotely access the computer directly connected to it.
If someone else knows a way I'm sure they'll reply.
From what I've read about LogMeIn, it appears the OP could use it if it were installed at home and on a travelling laptop. Security concerns are another issue, of course, and definitely to be considered seriously, but LMI is used widely and it seems to work well, and security risks are up to the user, who may choose to take a risk in exchange for perceived benefits.
Just a few recent examples that came in direct to my server's IP to so I can drive home the security risks:
106.4.199.210 - - [11/Feb/2019:04:09:27 -0500] "CONNECT www.baidu.com HTTP/1.1" 400 0 "-" "-"
This is from a ChinaNet IP looking to proxy my server to www.baidu.com using a script that provides no user agent. I have CONNECT, OPTIONS, and PROPFIND methods all blocked, as well as anything attempting WebDAV access (another thing they like to exploit).
125.76.61.225 - - [11/Feb/2019:04:09:27 -0500] "GET http://api.ipify.org/ HTTP/1.1" 403 7187 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36Mozilla/5.01732016 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0
This is from another ChinaNet IP looking to proxy using GET instead of CONNECT using a badly faked Chrome user agent, or Firefox, can't tell because they mangled it so bad. I have others where the UA actually starts with "User-Agent:", which is mildly humorous.
I'll save you the log listing, but there's one clear script kiddie from an Alibaba Cloud IP (also China) that starts at 05:16:56 and continues until 05:20:09 with about 300 GETs and POSTs probing for specific php-based vulnerabilities, all with accurate but faked user agents. There's another one later between 15:28:03 and 15:44:11 from Tencent Cloud Computing in Beijing, amongst others such as Baidu and Huawei.
An that's not even the scary stuff, because I can easily block those with a finely honed htaccess file for the ones coming in direct via IP, and using Cloudflare for those coming in by name server.
The scary stuff are the botnets that are designed to hijack IoT devices and modems:
46.17.47.173 - - [05/Feb/2019:11:45:50 -0500] "\x16\x03\x01" 400 0 "-" "-"
185.222.211.0 - - [10/Feb/2019:17:15:35 -0500] "\x03" 400 0 "-" "-"
That first one is from a Baxet server in Russia, the second from Outsource Grid in the UK, both are executing binary code.
There are others that contain inline textual code that are designed to download and replace firmware on your device (security cameras, modems, routers, etc. - anything externally addressable) so it can take control of it. I just don't have any examples atm, because they've been lying low with me lately.
The other scary ones are those that attempt rapid-fire/overload brute force logins of a Wordpress, Drupal, or other hosted blog site so they can implant malware within the hosted database and reroute visitors to get infected. Those are the ones that keep me up at night, because if they get in it's real difficult to override what they did before any real damage is already done.
So, that's my "frightened stiff" speech wrt the risks.
