Jump to content

AT&T and Arris messed me up

middle_pickup

So a couple months ago I learned of a security breach in the the Arris brand modem that AT&T supplied my house with. Here is a link to a ZDnet article explaining the situation... http://www.zdnet.com/article/flaws-in-att-routers-put-customers-at-risk/

 

As U-Verse customers, we are required (so AT&T says at least) to use the supplied modem. I think this is because U-Verse does TV, phone, and internet all from one modem? What should I do about this? AT&T doesn't seem to care about our security. Talking to their customer support is frustrating. They don't know what you're talking about when you bring up the issue. 

Link to comment
Share on other sites

Link to post
Share on other sites

i still use use the Arris modem but am using a pfsense router 

 

but you could just use any router, you don't really have a choice with the modem because like you said some of there services require it. if you what the router  you connect to it to have a public IP for the WAN you will have to enable IP passthrough on the ARIS Modem 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, jnic said:

i still use use the Arris modem but am using a pfsense router 

 

but you could just use any router, you don't really have a choice with the modem because like you said some of there services require it. if you what the router  you connect to it to have a public IP for the WAN you will have to enable IP passthrough on the ARIS Modem 

First off, thank you for your reply. I really need the help concerning this stuff. So you're saying with IP passthrough enabled on the Arris modem that I can use the second router to be my connection to the public internet? 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, zjdrummond said:

First off, thank you for your reply. I really need the help concerning this stuff. So you're saying with IP passthrough enabled on the Arris modem that I can use the second router to be my connection to the public internet? 

so right now if you were just to disable wifi on your arris modem, and plug in your new router, your new router would be in a double NAT, so if you wanted to run a VPN server, or do any port forwarding it would be much more difficult,

to get around this you enable IP passthrough on the arris router. but if you don't need to do any of that you would be perfectly fine with a double nat 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, jnic said:

so right now if you were just to disable wifi on your arris modem, and plug in your new router, your new router would be in a double NAT, so if you wanted to run a VPN server, or do any port forwarding it would be much more difficult,

to get around this you enable IP passthrough on the arris router. but if you don't need to do any of that you would be perfectly fine with a double nat 

 

That explains why my Plex server doesn't get out of the local network anymore. Thanks so much for your help! I'll configure IP passthrough tonight then. 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, zjdrummond said:

That explains why my Plex server doesn't get out of the local network anymore. Thanks so much for your help! I'll configure IP passthrough tonight then. 

here's a link to an atat post about how to configure it https://www.att.com/gen/general?pid=23697

 

also so do you have another router you could hook up yet, because unless you do not enable until you do and its the only thing connected 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, jnic said:

here's a link to an atat post about how to configure it https://www.att.com/gen/general?pid=23697

 

also so do you have another router you could hook up yet, because unless you do not enable until you do and its the only thing connected 

I have an Archer C7 router behind the Arris box. Though I wasn't entirely sure what I was doing, I hoped that my family would be safer by moving everything in our house from the Arris wifi (now turned off) to the C7's new network. Did that as soon as I heard about this whole situation from an episode of Security Now a while ago. I made sure that the C7 firewall was turned on, and hoped for the best.

 

Thanks for looking out for me!  

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, jnic said:

That explains why my Plex server doesn't get out of the local network anymore. Thanks so much for your help! I'll configure IP passthrough tonight then. 

also ip passthrough wouldn't be causing that, you can still access the internet, you just wouldn't be able to open ports up as easily on the double nated router 

Link to comment
Share on other sites

Link to post
Share on other sites

3 minutes ago, jnic said:

also ip passthrough wouldn't be causing that, you can still access the internet, you just wouldn't be able to open ports up as easily on the double nated router 

Plex uses UPnP, or manual port forwarding, in order to be accessible when you are outside of your home. So Double NAT would definitely cause that to happen, since UPnP isn't passed up from an internal NAT router to the external NAT router.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, brwainer said:

Plex uses UPnP, or manual port forwarding, in order to be accessible when you are outside of your home. So Double NAT would definitely cause that to happen, since UPnP isn't passed up from an internal NAT router to the external NAT router.

ok i really don't know a whole lot about plex

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, brwainer said:

Plex uses UPnP, or manual port forwarding, in order to be accessible when you are outside of your home. So Double NAT would definitely cause that to happen, since UPnP isn't passed up from an internal NAT router to the external NAT router.

Okay. That makes sense. I thought I read something in the Plex documentation about this. I didn't use Plex away from home that much, so it wasn't a huge deal when it stopped working. Would be nice to have the option back though. Thanks for chiming in!

Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, zjdrummond said:

So a couple months ago I learned of a security breach in the the Arris brand modem that AT&T supplied my house with. Here is a link to a ZDnet article explaining the situation... http://www.zdnet.com/article/flaws-in-att-routers-put-customers-at-risk/

 

As U-Verse customers, we are required (so AT&T says at least) to use the supplied modem. I think this is because U-Verse does TV, phone, and internet all from one modem? What should I do about this? AT&T doesn't seem to care about our security. Talking to their customer support is frustrating. They don't know what you're talking about when you bring up the issue. 

Arris and Intel fucked up on the Puma 6 chips used in cable modems. It happens. 

 

If it were me, I would put the modem/router combo in bridge mode and use your own router. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Donut417 said:

Arris and Intel fucked up on the Puma 6 chips used in cable modems. It happens. 

 

If it were me, I would put the modem/router combo in bridge mode and use your own router. 

I didn't hear that Intel messed up. What is bridge mode? Is that like IP passthrough? 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, zjdrummond said:

I didn't hear that Intel messed up. What is bridge mode? Is that like IP passthrough? 

Well Intel manufactured the Puma 6 chips. And its those chips that have issues. Arris thinks a firmware update can fix some of the issue, but people with Puma 6 modems have been waiting a year. Arris is involved in a class action lawsuit because of it. 

 

Bridge modem turns off the router portion. Basically turns the box in to a modem. This way you can use a 3rd party router without incurring the wrath of double NAT. Or triple NAT if your in an area where AT&T ran out of IPv4 addresses and has deployed carrier grade NAT. Because I think I have seen complaints about AT&T doing that in some areas. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Donut417 said:

Well Intel manufactured the Puma 6 chips. And its those chips that have issues. Arris thinks a firmware update can fix some of the issue, but people with Puma 6 modems have been waiting a year. Arris is involved in a class action lawsuit because of it. 

 

Bridge modem turns off the router portion. Basically turns the box in to a modem. This way you can use a 3rd party router without incurring the wrath of double NAT. Or triple NAT if your in an area where AT&T ran out of IPv4 addresses and has deployed carrier grade NAT. Because I think I have seen complaints about AT&T doing that in some areas. 

I'll have to do some googling about that bridge mode. Thanks for the tip!

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, zjdrummond said:

I'll have to do some googling about that bridge mode. Thanks for the tip!

Might have to call AT&T. Because generally the option is not user accessible. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Donut417 said:

Might have to call AT&T. Because generally the option is not user accessible. 

I guess I'll find out. I'll update the post for posterity. Thanks again!

Link to comment
Share on other sites

Link to post
Share on other sites

I decided to go through with the IP passthrough fix for now. I may call AT&T for the bridge option eventually. This seems to be working for now though. 

Link to comment
Share on other sites

Link to post
Share on other sites

7 minutes ago, zjdrummond said:

I decided to go through with the IP passthrough fix for now. I may call AT&T for the bridge option eventually. This seems to be working for now though. 

On this particular modem/router, the IP Passthrough is about as close as you can get to bridge mode as possible - it doesn't have a true bridge mode.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites

Link to post
Share on other sites

11 hours ago, brwainer said:

On this particular modem/router, the IP Passthrough is about as close as you can get to bridge mode as possible - it doesn't have a true bridge mode.

I'm having a new problem now. Our home security system is complaining that it doesn't have enough bandwidth. I guess I will have to call AT&T. Hate dealing with those guys.

Link to comment
Share on other sites

Link to post
Share on other sites

49 minutes ago, zjdrummond said:

I'm having a new problem now. Our home security system is complaining that it doesn't have enough bandwidth. I guess I will have to call AT&T. Hate dealing with those guys.

If you have a modem and AT&T I would assume you have DSL. What speeds are you at now?

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×