- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ever since my ActiontecMI424WR (Rev C) was auto-updated from the 4.0.16.1.56.0.10.11.3 firmware to the 4.0.16.1.56.0.10.11.6 firmware it has begun updating the firmware every 4-12 hours. After a quick round with tech support I was left with their first line of defense... We will send you a replacemetn router.
I have recieved the replacement router, it is a Rev D unit, which was flashed by support with the 4.0.16.1.56.0.10.11.6 firmware. I laid in all of my settings, firewall, port forwarding, remore acces and the such. All seemed to be fine for four hours when the router was reflashed with the same 4.0.16.1.56.0.10.11.6 firmware.
Has anyone else experienced this continuous auto-push of the latest firmware to the Actiontec router?
I am hoping to fine a solution before having to send the good portion of the day getting through to Level 2 or higher support.
Solved! Go to Correct Answer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found the problem... It is something I did not expect and it took a bit of log analysis and computer connection elimination to run it down.
It seems like the Actiontec router can be confused to a point that it will reset the configuration back to it's default state. The following has blown up the configuration file of two separate Actiontec MI424WR routers that I have used one a Rev C and the current Rev D that I have. Both were/are firmware version 4.0.16.1.56.0.10.11.6.
On a Windows XP system connected to the router via a wireless connection:
1. Right click on desktop and select "Properties"
2. Click on the "Desktop" tab
3. Click on the "Customer Desktop..." button
4. Click on the "Web" tab
5. Click on "New..."
6. In the "Location:" box enter <a specific web site that I will not name> and click "OK"
7. Click "OK" when asked to add to active desktop
8. Schedule it to synchronize every hour
9. Keep clicking "OK" until you are back to your desktop
Once the particual web page is synchronized to the computer even if the computer is blocked from the internet with a firewall rule on the router the constant flood of proxy requests from code that was synchronized the computer through the wireless connection to the router puts the router into some form of panicked state that has it reboot itself back in to it's know default state. This effectively wipes out all firewall rules and settings opening the internet bak up to the computer.
This is common method of running themed web pages on the Active Desktop and appears to be exploitable with some particular web page coding.
Please do not ask me for the unnamed web site URL as I will not give it out to anyone.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have enabled remote administration on one of the alternate ports. The updating activity has occurred whether remote administration is enabled or not.
The only settings I have altered from the default are changing the DHCP IP distribution from .2-.254 to .2-.149, added firewall rules with scheduling to several computers, added port forwarding fora couple services to one of my servers, disable the wireless radio and added to static servers I have running to the DNS definitions.
I have run these sames settings with my original MI424WR Gen 1 router and the Gen 2 Rev C I just replaced on older firmware with zero issues. When my Rev C router updated to the 4.0.16.1.56.0.10.11.6 firmware I started experiencing this issue. Since Verizon pushes the firmware updates from their update server rolling back the firmware to a previous version does no good since it just gets updated right back to the where I am at.
If all of my settings did not get wiped out each time the update occurs this would drop to a minor irritation. As it stands though it is a major pain in the...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, still happening. The router gets hit remotely to push an update daily around midnight, as the log exerpt below shows, and I am back to a default load.
Mar 29 00:09:36 2009 System Log CWMP Connection Request Inform initial 401 chanllengeMar 29 00:09:30 2009 System Log CWMP Connection Request Inform 204 No Content
Mar 29 00:09:28 2009 System Log CWMP Connection Request Inform challege response with 200 OK from server
Mar 29 00:09:27 2009 System Log CWMP Connection Request Inform initial 401 chanllenge
Mar 29 00:09:20 2009 System Log CWMP Periodic Inform 204 No Content
Mar 29 00:09:17 2009 System Log CWMP Periodic Inform challenge response with 200 OK from server
I guess I am going to have to break down and try to work through this with support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Update... I looked into what actually occurred with the midnight activity as best I could. I appears that a full upgrade may not have occurred. What looks to have occurred is a challenge from Verizon's auto-update server then a reset of the router's configuration to Verizon's version of the out of the box factory default settings.
I have reflashed the router manually to see what effect a good date stamp on the flashing will have. The flash done by Verizon was time stamped as having been done 31 Aug 2007 which is prior to the release date of the firmware's actual release date. It is a shot in the dark, but I am willing to grasp at most any straw at this moment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
**
We may provide you, for a fee or at no charge, software for use in connection with the Service which is owned by Verizon or its third party licensors, providers and suppliers ( "Software" ). We reserve the right periodically to update, upgrade or change the Software remotely or otherwise and to make related changes to the settings and software on your computer or Equipment, and you agree to permit such changes and access to your computer and Equipment. You may use the Software only in connection with the Service and for no other purpose...
^^
You guys/gals agreed to it.
*Sucks* Note: Just because they have the right to do something, does not mean that they should.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is pretty standard in most software and service provider agreements and pertains to technical support issues where the cuase of the problem may be the result of personally owned equipment and/or software and its configuration.
I do not like the thought of a service provider accessing my equipment so I do not let them, but I do uderstand that I am connected through their network using their equipment that I am leasing (i.e. router) and that they have chosen to control the method of updating the equipment. Again, I do not like the method and the fact that I can not disable it, but... Their equipment... Their network... Their service...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is one solution and I am sure that there are quite a few people out there who are networking in this manner. However, the location of the ONT in my home and the logistics of cabling up, through and accross my 4000 sq/ft home to where my router is makes this a non-alternative for me.
There has to be a solution for my problem and I will continue to beat the bushes until I have it.
I have laid in a firewall filter to simply drop any packets coming in on port 4567 via the Broadband Coax Ethernet connection. I will see if that has any effect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The filter did not work... At 12:10 AM this morning a reset of the configuration occurred. I reloaded my configuration file around 7:30 AM and at 8:10 AM it reset the configuration again. Based on my trials and tribulations this past weekend it appears the reset occurs every eight hours (12:10 AM, 8:10 AM, 4:10 PM).
Looks like I will have to deal with Verizon technical support on this. Looks like a long day, or two, on the phone.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found the problem... It is something I did not expect and it took a bit of log analysis and computer connection elimination to run it down.
It seems like the Actiontec router can be confused to a point that it will reset the configuration back to it's default state. The following has blown up the configuration file of two separate Actiontec MI424WR routers that I have used one a Rev C and the current Rev D that I have. Both were/are firmware version 4.0.16.1.56.0.10.11.6.
On a Windows XP system connected to the router via a wireless connection:
1. Right click on desktop and select "Properties"
2. Click on the "Desktop" tab
3. Click on the "Customer Desktop..." button
4. Click on the "Web" tab
5. Click on "New..."
6. In the "Location:" box enter <a specific web site that I will not name> and click "OK"
7. Click "OK" when asked to add to active desktop
8. Schedule it to synchronize every hour
9. Keep clicking "OK" until you are back to your desktop
Once the particual web page is synchronized to the computer even if the computer is blocked from the internet with a firewall rule on the router the constant flood of proxy requests from code that was synchronized the computer through the wireless connection to the router puts the router into some form of panicked state that has it reboot itself back in to it's know default state. This effectively wipes out all firewall rules and settings opening the internet bak up to the computer.
This is common method of running themed web pages on the Active Desktop and appears to be exploitable with some particular web page coding.
Please do not ask me for the unnamed web site URL as I will not give it out to anyone.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Some of them, are as follows:
TheSanchez http://forums.verizon.com/vrzn/profile?user.id=2694
Techman28 http://forums.verizon.com/vrzn/profile?user.id=2025
or CharlesH http://forums.verizon.com/vrzn/profile?user.id=4028