Next, the user interface: Quite extraordinarily, much of the NVG510's user interface isn't, and can't be, password protected though other sections of the user interface are protected by what Motorola calls an "access code". The first thing you see when you load the root page in your browser is way more detail than you'd expect, such as the wireless SSID and the network key in plain text!
Wait! It gets better: If you go to the Device page you can see the IP addresses of all network-connected gear, while the broadband page gives you lots of detail about your WAN interface and the Home Network Page shows you everything any hacker could ever want to know about your LAN configuration.
The access code is only required to restart the device, configure the WAN, LAN, firewall, and wireless services, examine the VoIP interface details, and, for no accountable reason, to examine the device's log.
The code is also required to change the access code and, oddly, while the supplied code is simply 10 numeric characters, any code you'd like to use "must contain characters from two of these categories: alpha, numeric, and special characters". Do as we say, not as we do ...
As security goes, this device has no clear strategy and has the feel of something that was left to a junior engineer to design. I'm amazed that this product could have passed the technical selection process for AT&T.
The various entries you might see in the log aren't explained anywhere I can find and, while some of them are decodable, others are not at all obvious. It also looks like the logging system is buggy: All devices that disconnect and then reconnect are almost always listed as reconnecting after however long it was plus 30 days and 16 hours ... for example, here's the log entries for a device that disconnects and reconnects after 18 seconds:
2012-03-13T07:06:36-07:00 L3 sdb: Wi-Fi: Client a4:d1:d2:71:c1:c0 left XXXX
2012-03-13T07:06:36-07:00 L3 sdb: Wi-Fi: Number of clients associated 2
2012-03-13T07:06:54-07:00 L3 sdb: Wi-Fi: a4:d1:d2:71:c1:c0 re-joined XXXX after 30 d 16 h 0 m 18 seconds
2012-03-13T07:06:54-07:00 L3 sdb: Wi-Fi: Number of clients associated 3
Perhaps I'm being picky, but I think the quality of code is always visible in the attention (or lack thereof) to detail in the stuff you see. In the case of the log above, why are days, hours, and minutes abbreviated while seconds is fully spelled out? That's just sloppy thinking.
An old and ongoing problem with the NVG510 concerns DNS resolution. The modem doesn't allow you to change the default DNS servers and either or both of AT&T's DNS servers keep failing to respond ... for example:
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Broadband White Papers | Webcasts