SDSC's Self-Help Guide to the Alcatel Speed Touch Home ADSL modem.

WARNING AND DISCLAIMER
Use of information on this and related pages can cause irreparable harm to your Alcatel device! There is the possibility of corruption of the firmware, or even physical damage to the device.


THIS INFORMATION AND/OR SOFTWARE IS PROVIDED BY THE AUTHOR OF THIS ARCHIVE ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED . IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES ; LOSS OF USE, DATA, OR PROFITS ; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE .

Use of this information may void your waranty. Changing the configuration of your device may be in violation of your contract with your service provider.

Proceed with caution.

The SDSC Advisory and related information

Here is an executive summary of the vulnerabilities we reported.

SDSC released a security advisory related to the Alcatel Speed Touch Home DSL modem on 10 April 2001. Here is the original text version.

This was followed by a CERT Advisory later the same day.

Here is a FAQ with answers to some of the questions we've been asked.

Information about the Alcatel Speed Touch Home DSL modem
  • Patches and tools developed by Tsutomu Shimomura to manipulate the Alcatel firmware. This includes software to unpack and re-pack the firmware into a useable form, an example list of which bytes to patch, and a tool for applying patches to close the reported vulnerabilities. We do not recommend that anyone actually apply these patches, rather one should ask their service provider for a fix.
  • A tool to determine the "EXPERT" mode password for an Alcatel Speed Touch. NOTE: This applies to the specific firmware version cited in the original advisory. It is not expected to work with any newer firmware. Alcatel provided newer firmware to its customers in late 2001.
  • An "nmap" of a Speed Touch Home
  • the internals of a Speed Touch Home, as a thumbnail, or large
  • the internals of a 1000 ADSL, as a thumbnail, or large
  • Instructions for possibly recovering a corrupted Speed Touch Home
  • Some line profiles, as used by SBC-ASI.
  • Example of a carrier signal-noise graph.
Hints for Speed Touch power users, coming soon!!