Rogers Hitron CODA-4582 Hardware

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
I Plan to Stick Around
Posts: 29

Re: Rogers Hitron CODA-4582 Hardware

 


@Windwalker wrote:

IPV6 Question

Hi, I have searched to no avail.

I just installed a new Asus RT-AC86U.  Wanted to have a nat firewall and was able to get this router at a good price.

It asks for the IP's IPV6 settings.  There is a tab where I can set this up.

Do I choose "native" and all the auto options?

Does anyone know which settings work with Rogers?

It runs well, a bit faster on the 5GZ than the Coda.  Still have to test the range.

Wired results are the same.  I usually get 930 down and 45-50 up on the Coda.

Thanks


I found the Rogers IPv6 Status thread and a post (follows) from @Datalink solved the issue (Message 500 of 503).  Thanks @Datalink for your ongoing contributions to these forums.  I also found an image an image with the Asus settings for an R7000 confirming going with the "native" option.

 


@timlocke try this.  Connect the router to the modem, make sure that the router is powered up and then restart the modem, pull the modem power, wait for about 15 seconds and plug it back in to force a restart, which should result in the router picking up the IPV6 addresses.  I've noticed that the modem, or CMTS doesn't necessarily respond when a device is plugged into a bridged 4582, and that it might take a couple of modem restarts before the router IP addresses are assigned.  With the modem in Bridge mode, in theory it acts as an invisible bridge to the CMTS, so, is this a failure of the modem, or the CMTS, in terms of responding to the IP request?  Don't know at the present time...
I Plan to Stick Around
Posts: 43

Re: Rogers Hitron CODA-4582 Hardware

I've seen some people claim that Puma7 is also a problematic chipset for lag and packetloss. I continue to experience packetloss.

 

My internal network is rock solid. Hooking my PCs directly up to the CODA in bridge mode (bypassing all NAT and firewalls) still has packetloss during gaming. Something is wrong. Either with the Rogers network beyond my house or the modem. Rogers insists the network is fine.

I've Been Around
Posts: 1

Re: Rogers Hitron CODA-4582 Hardware

CODA-4582 Network Vulnerability 

 

I ran a WIFI Inspector check with Avast Antivirus and found the following:

 

We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability


Severity: High

Reference:

We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability
Severity: High

Reference: CVE-2017-14491 | Google Security Blog

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources.

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources.

 

What does that mean?

I Plan to Stick Around
Posts: 26

Re: Rogers Hitron CODA-4582 Hardware

CVE-2017-14491

 

What that means is that they can redirect your DNS requests which can lead to a "man in the middle" attack.  Say you wanted to logon to your bank which is a at a certain IP address (let's keep it simple: 7.8.14.23 as an IP address).  But you type in "https://myaccount.atmybank.com "(all examples).  DNS would normally point you to 7.8.14.23 but because you are not connecting directly to your DNS provider there is a chance for an injection as we call it.  So it will still get you to 7.8.14.23 but using an extra hop or two going through a DNS server of the attacker.  They capture the data, generally it is encrypted and sites are pretty good these days, but your data could be captured somewhere and stored and maybe not today but at some point in the future if you keep using the DNS entrees they might collect more and more data to perform an attack.  To perform this injection they will however need to hack into your software on the modem first and for us simpletons there is not enough meat on the bone so even though there is this vulnerability it is highly unlikely that someone would go through the length - once a script kiddy gets there hands on this code and can reproduce it performing a dDOS things will get more serious.  By the way my modem got updated to 

2.0.10.33T03

Maybe the fix is done, I was at 28T2 when I picked the modem up last weekend.

 

I've Been Around
Posts: 1

Re: Rogers Hitron CODA-4582 Hardware

I am also trying to connect my storage to CODA-4582. Is it fixed?

I Plan to Stick Around
Posts: 41

Re: Rogers Hitron CODA-4582 Hardware


@Marabi wrote:

CODA-4582 Network Vulnerability 

 

I ran a WIFI Inspector check with Avast Antivirus and found the following:

 

The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources.


What does that mean?


I'm impressed that the tool identified this bug in the router.  I assume that it is correct.

 

Why did you include two copies of the same message?

 

The message contained an explanation.

 

The router firmware includes a buggy version of dnsmasq.

 

Through somewhat tricky means, a Bad Guy can send a network packet that will cause dnsmasq to misbehave (a heap buffer overflow).

 

It is possible for the packet to be designed so that the attacker can take over the router.  Once he has done this, he can act as a "man in the middle" for all your internet traffic (all of which goes through the router).

 

A man in the middle has almost unlimited powers for mischief.

 

I don't understand how their recommendation of not visiting scary sites has any effect.  Maybe they mean "don't resolve any scary domain names", almost impossible to follow and not perfectly effective.

 

What to do?

  • ignore the problem -- exploiting this bug is hard.  Any attack probably has to be tailored to the specific firmware.  Surely Rogers will come up with a fix soon, just like all the other problems with this modem :-)
  • the bug is likely in the router part of the device.  Switch to bridge mode and use your own router.  This assumes that your own router doesn't have this bug.  Probably should test it first with Avast's Wifi Inspector

You should report this to Rogers.  But I don't actually know how to report this kind of bug to Rogers.  Years ago I had DHCP problems that were caused by Rogers server not conforming to the RFCs.  I phoned support but they had no way to report this to engineering.

 

 

I've Been Around
Posts: 1

Re: Rogers Hitron CODA-4582 Hardware

My modem has TV and powerline TP Link Av1000 connected to it with Cat7 cables (tried it all cat5e cat6 cat7)
Tv negotiates 1000mbps but tplink negotiates only 100mbps.
Any idea why? The powerline is gigabit
I Plan to Stick Around
Posts: 225

Re: Rogers Hitron CODA-4582 Hardware

Guys, so is rogers still putting black stickers on CODA modem ? 

I'm a Regular
Posts: 859

Re: Rogers Hitron CODA-4582 Hardware

I don’t think so. I just picked another one and there was no black sticker the only thing I see that was diff there is a U after 4582
Highlighted
I've Been Here Awhile
Posts: 3

Re: Rogers Hitron CODA-4582 Hardware

When does Rogers plan to enable the usb storage on the Hitron CODA-4582 modem? I can't get mine to work.