Here’s a guide I found online with which you can ‘root’ your Speedtouch. I’ve got two Speedtouch routers on which I’ve tested this and both ‘work’, although you can’t get the much wanted ‘debug exec’ command to work with this hack with firmware version  >= 6.2.x.

The debug exec command is very usefull for, well, executing debug commands :o) and gathering more information about certain settings.

1. Open a SpeedTouch webpage at ‘User Management’.

Home > Toolbox > User Management. The default IP is ’192.168.1.254′, and the default user is “Administrator” with a blank password, although this can change from supplier-to-supplier. The process below will remove ALL usernames from the user.ini, so you may wish to back it up first from Home > SpeedTouch > Configuration > Backup & Restore.

2. Log into the SpeedTouch using Telnet (port 23)

I used PuTTY to do this, but any telnet client is fine (Windows has one called, er, ‘telnet’). CLI commands can also be issued via FTP, using the “quote site” ftp-command, but telnet is easier.

3. Login with username + password.

I’ve seen on other sites that an MLAP of at least “Administrator” is required to access telnet & ftp, but have never read that myself within any Thomson documentation.

4. Issue the (CLI) command “user flush” (no quotes).

If you then do “user list” before and after you will get the contrast; afterwards it will be empty.

5. Type “exit” (no quotes) to log out of telnet.

6. Now login again to telnet.

Simply press the return key twice if asked for username and password. You are now logged in as user “root” with full, unrestricted MLAP privileges.

7. Type “user add” (no quotes) and add a new user… with root privilege!

You *have* to add a password (as you can see below I first attempted with a blank password).

8. Type “exit” (no quotes) to log out of telnet.

At this stage, the user.ini has not changed. There is probably a CLI-command to do that, but the next steps are an easy way to update it.

9. Return to the ST webpage, and enter your (new) name and password.

(Remember that both are case-sensitive) That happened automatically for me. You may need to click on a new webpage to get the login-box.

10. Now add a new user on the webpage.

Home > Toolbox > User Management > New User. As you are now the root user, you can allocate any level of MLAP privilege to that user that you wish! The password for the new user will be the same as the username. After you press Apply, the user.ini is updated with both names. Remember that all the previous names will disappear.

This is what it should look like when you telnet to the router at step 6:

~$ telnet router
Username :
Password :
------------------------------------------------------------------------

______  SpeedTouch 585
/         /\  6.1.4.3
_/       /\_____/___ \  Copyright (c) 1999-2006, THOMSON

*funky ascii art removed*

------------------------------------------------------------------------

=>user list

=>user add
name = root
password =
Required parameter (use ctrl-c or ctrl-g to abort)
password = ****
Please retype password for verification.
password = ****
role = root
[hash2] =
[descr] =
[defuser] =
[defremadmin] =
[deflocadmin] =
:user add name=Alex password=_CYP_*hidden* role=root
=>user list
User                              Flags Role
----                              ----- ----
root                                    root

You can try the following command to see if it doesn’t give a warning (Firmware 6.1.x or lower):

debug exec cmd='tdsl getData all'

Lets see,

With 33 years at his joint he accumulated a 58 billion net. worth that makes his net annual salary:
58,000,000,000/33 = 1,757,575,757 US$
Between 5 and 7 there’s 6 ofcourse…
6 can be put in above result 6 times
1,76567,56765,76567
=> 666 666

So yes, he is Satan, twice even (2 x 6 months) for each year for the past 33 years ;o)

Nice one Bill!

I was recently involved in a wireshark trace of a networking issue and I needed a switch with monitor/span capability to put my sniffer on. I used the switch that was on-site to configure a monitor port on, but on the other site there wasn’t such a switch available. I’d like to have one in my trunk as I seem to need stuff like that on a monthly basis, i just think it’s better to be prepared.
Initially I was looking for a Cisco or Nortel that could sit in my trunk, but I also had a Speedtouch 716WL laying around. Just to save money (yes, I’m a cheap and lazy b’start) I started diving into the CLI environment of that little piece of hardware.

It seems that one of the most frequently used ADSL routers, at least in the Netherlands, can be set up to do a monitor/span with only a few simple CLI commands! Combined with its portable size and light weight compared to a 19″ rack mountable switch, I think its a great tool to have around.

I’d like to document this on my blog as a reference for myself. Its from the Operator Guide of a Speedtouch 620, chapter 11.3.5. The CLI doesn’t seem to have changed a lot, that can’t be said for the web-interface though :)

# 11.3.5 Ethernet Diagnostics

For debugging purposes, the SpeedTouch offers a port mirroring feature. This
means that, three out of the four physical ethernet ports can be used for network
connections, while the remaining ethernet port can be used to connect a sniffing
device. In this way, when there is a network problem, a sniffer can be connected
without causing any intrusion in the network.
The first thing to do is to determine which ethernet port will be used for sniffing
purposes. In the example below ethernet port four will be used. Use the following
command to set port four as capturing port:

=>:eth switch mirror capture port=4
=>

To verify which port has been set as capture port, use the following command:

=>:eth switch mirror capture
Mirror capture port=4
=>

You can now set a port that you want to monitor to on the mirror capture port. This
can be done for egress traffic (packets leaving the modem) and ingress traffic
(packets towards the modem). In the example below we will monitor ingress traffic
on ethernet port one and egress traffic on ethernet port two. Use the following
commands:

=>:eth switch mirror ingress port=1 state=enabled
=>:eth switch mirror egress port=2 state=enabled:

All traffic comming in to the modem on ethernet port one will now be mirrored on
ethernet port four. All traffic leaving the modem on port two will also be mirrored
on ethernet port four. During port mirroring the capture port can still be used as a
normal ethernet port.

To verify which port is being mirrored (ingress or egress) use the following
commands:

=>:eth switch mirror ingress
Ingress mirror port = 1
=>:eth switch mirror egress
Egress mirror port = 2
=>

When there is no need to mirror traffic to ethernet port four any more you can
disable the mirroring by executing the following command:

=>:eth switch mirror ingress port=1 state=disabled
=>:eth switch mirror egress port=2 state=disabled

Beter laat dan nooit, toch even een ‘tribute’

Internet 2.0

its coming…