Information security of MGTS subscribers - Reception on vc.ru

2022-05-27 21:52:44 By: Ms. Olunna Zhang

On the provider side an OLT (Optical Line Terminal) is installed, which is an L2 switch. On the client side an ONU (Optical Network Unit) is installed, which is also sometimes called an ONT (Optical Network Terminal). Did you know that your "router" has an account with the rights of a mega-super-uber-duper-sex-administrator, and anyone on the Internet can use it?

For example, here I accidentally ™ got access first to the ONT (using mgts:mtsoao) and then to the Homebridge platform (the open-source bridge to Apple Home), blinked the lights at a telecom friend's place, turned on the air conditioner, and stole the configuration file, which had everything in it: mail, card, addresses, passwords.

At lk.mgts.ru/api/homenet/devices you can see confirmation that the provider not only gives you Internet access but also scans your local network and puts the collected information into databases reachable from the Internet through leaky software.

I tried going to my external IP and entering the magic mgts:mtsoao; it doesn't work.

1. Nice headline, but incorrect. Information security is one of the sciences, same as probability theory or history. The author probably meant security of information or information protection...
2. What is described in the article has long been known, but for some reason the author of the article stubbornly avoided the additional requirements. After all, in the general case what he wrote is not applicable (logging in to the router with a password from outside).
3. And the theft of banking information from the same mobile devices is generally from the realm of anti-science fiction.
4. It is not clear to me why you need to know information about Wi-Fi in order to get coordinates: if you cannot get into the router but know its IP address, the information is obtained immediately, through the same whois. And for some providers with the full name of the subscriber.
5. I would very much like an example of "Among the useful things, for example, there is the data for accessing the SIP account, which will let you make calls from this subscriber's landline phone without being noticed." So either the landline or SIP, and that is it, since SIP is bound to the equipment... (hence, by the way, the problem with third-party ONTs). And all ONTs are tied to OLTs by the serial numbers registered on the OLT side, that is, on the provider's side. So in theory you can swap the equipment for your own, but firstly it is specialized and expensive, and secondly you will need your own man in the Gestapo :)
http://base.garant.ru/10108000/8258b99e15c780ec0d7c9a628d13c3b2/

I have a different default password. And in general I use only the telephone service, and through the bridge, where they have no access, I set up 5 GHz Wi-Fi for myself, because I am too lazy to replace the Mikrotik, though it should be noted that Wi-Fi works better on the Zyxel. Everything else is wrapped in a proper bridge and cannot get out. Checked. It was and will remain so.

Nothing prevents you from putting a mega-super-uber-duper-sex-firewall (Zyxel/Mikrotik) between your PC and the ONT and continuing to enjoy the sun in a foil hat.

The loophole is not much of a loophole, since MGTS by default blocks the most popular ports on the WAN, namely 80, 8080 and 21. So this problem should only concern wannabe hackers who forward a custom WAN port to local port 80, and people who pay MGTS for a static IP, since for them these ports are logically not blocked due to the specifics of the service. And in your example it is again the router of a guy who pays for a static IP (you can tell by the domain in the Shodan results list).

Learned about the mass exploitation of mgts:mtsoao from this article.

MGTS leaked internal instructions to the Internet, see this and the following post: https://4pda.ru/forum/index.php?s=&showtopic=775949&view=findpost&p=962022902.
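A self-check that follows from the port discussion above (management ports 80, 8080 and 21 said to be blocked on the WAN by default, while static-IP customers and anyone who forwards a custom port are not covered by that block): probe your own public address from outside and see what answers on each port. This is an added example written for this page, not code from the article, the thread or MGTS. The candidate port list, the placeholder address 203.0.113.5 and the injectable probe/fetch callables are assumptions; the classification looks only at the HTTP response and does not try any credentials.

```python
"""Self-check: is the ONT's management interface reachable from the WAN side?

Added example (not from the article or MGTS). Run it from OUTSIDE your own
network (a phone on mobile data, a VPS) against your public IP.
"""
import socket
import sys
from typing import Callable, Dict, Iterable, List

# Ports a commenter in the thread says MGTS blocks on the WAN by default.
PROVIDER_DEFAULT_BLOCK = {80, 8080, 21}
# Assumed extra candidates: ports people commonly forward to a local web UI.
CANDIDATE_PORTS = [80, 8080, 21, 443, 8443, 8000, 8888]


def tcp_probe(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def http_banner(host: str, port: int, timeout: float = 3.0) -> str:
    """Send a minimal GET / and return the raw response text ('' on failure)."""
    request = f"GET / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(request)
            while len(data) < 8192:
                chunk = sock.recv(1024)
                if not chunk:
                    break
                data += chunk
    except OSError:
        return ""
    return data.decode("latin-1", errors="replace")


def classify(banner: str) -> str:
    """Classify a raw HTTP response by how the management UI authenticates."""
    if not banner.startswith("HTTP/"):
        return "no-http"
    head, _, body = banner.partition("\r\n\r\n")
    status_line = head.split("\r\n", 1)[0]
    if "www-authenticate:" in head.lower():
        return "http-basic-auth"      # a default login would work with plain Basic auth
    if " 401 " in status_line or " 403 " in status_line:
        return "auth-required"
    lowered = body.lower()
    if "password" in lowered or "login" in lowered:
        return "login-form"
    return "http-open"


def assess(host: str, ports: Iterable[int],
           probe: Callable[[str, int], bool] = tcp_probe,
           fetch: Callable[[str, int], str] = http_banner) -> Dict[int, Dict[str, object]]:
    """Probe each port and classify what answers; probe/fetch are injectable for testing."""
    report: Dict[int, Dict[str, object]] = {}
    for port in ports:
        entry: Dict[str, object] = {"provider_default_block": port in PROVIDER_DEFAULT_BLOCK}
        if not probe(host, port):
            entry["kind"] = "closed-or-filtered"
        else:
            entry["kind"] = classify(fetch(host, port))
        report[port] = entry
    return report


def exposed_ports(report: Dict[int, Dict[str, object]]) -> List[int]:
    """Ports on which some HTTP management surface answered."""
    return sorted(p for p, e in report.items()
                  if e["kind"] not in ("closed-or-filtered", "no-http"))


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "203.0.113.5"  # assumed placeholder
    result = assess(target, CANDIDATE_PORTS)
    for port, entry in result.items():
        flag = "in default block list" if entry["provider_default_block"] else "not in default block list"
        print(f"{target}:{port:<5} {entry['kind']:<20} ({flag})")
    print("exposed:", exposed_ports(result))
```

A port reported as closed-or-filtered from outside says nothing about whether the web UI is enabled on the ONT itself; it may simply be the provider's WAN filter. A port that answers with Basic auth or a login form is the case the thread is worried about, and that is where a known default account matters.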
On this occasion Leonid Fedotov answered very much to the point. I mean: no, you are not safe. Your ONT is the default upstream DNS resolver for your "Wi-Fi router", which means that an attacker can answer your requests for the sberbank.ru domain with the IP address of a server that does not belong to Sberbank, for example. You will not notice the substitution unless you have been in IT for ten years.

On the Sercomm RV6699v3 it was done with a specially crafted command like "traceroute ;/bin/sh". And then, it seems, there was opkg, but I may be lying shamelessly, because I was poking at all of that a year ago.