The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,811 other followers

Disable TR-069 on a Fritz!Box and check if that was succesful – translated from a post by Hartmut Goebel 

Posted by jpluimers on 2016/11/29

Just in case you got scared by the TR-064 hack and likely causality to the German Telekom ISP outage yesterday as some modems expose TR-064 via the TR-069 WAN access, here is how to disable TR-069 in your Fritz!Box: [WayBackTR-069 auf Fritzbox ausschalten und Ergebnis prüfen — Hartmut Goebel · CISSP, CSSLP · Berater für Information-Security-Management

Note that for Fritz!Box the TR-069 implementation is not as bad as some Speedport devices used by Telekom, but you might want to consider turning TR-069 off:

If you trust yourself to keep the Fritz!Box firmware *and* settings up-to-date better than your ISP does, below are the translated steps.

Steps to disable TR-069 on a Fritz!Box router

  1. Activate telnetd on your Fritz!Box via a connected phone by dialing #96*7*
  2. Connect to your Fritz!Box over telnet at using telnet fritz.box or instead of fritz.box., use the IP-address of your Fritz!Box device
    • the password is the same as the password in the Fritz!Box web interface
  3. Disable TR-069 by typing this command: ctlmgr_ctl w tr069 settings/enabled 0
  4. Verify the TR-069 is off by looking at configuration file with this command: cat /var/flash/tr069.cfg
    • Check that at the start there is a line with enabled = no
  5. Disable telnetd on your Fritz!Box via a connected by by dialing  #96*8*
Note that even without a phone you can enable/disable telnetd as described by [WayBack] FRITZ!Box VoIP password extraction 

–jeroen

References:

2 Responses to “Disable TR-069 on a Fritz!Box and check if that was succesful – translated from a post by Hartmut Goebel ”

  1. Goran said

    Telnet is no longer available.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: