The WebRamp is a dial-up router produced by Ramp Networks. The router supports multiple modems - up to three, if memory serves correctly - each with its own configuration page.
The WebRamp router is commonly configured with a default username:password combination of "wradmin:trancell". Often you'd find that some routers did not even have a password set. The router has a web interface (GUI), a Telnet interface and, in certain instances, an Rlogin interface. There were instances where a router would only have Telnet and/or Rlogin open, and the web interface would not be open or accessible. In other instances the web interface alone would be active, and so on. As a result, there came to be various methods of acquiring dial-up usernames and passwords and, more risky and severe than that, of gaining remote access to the LAN behind the WebRamp.
Well, as previously mentioned, there are typically three different ways to connect to the WebRamp.
1) Web Interface (port 80, HTTP)
2) CLI (port 23, Telnet)
3) CLI (ports 512, 513, Rlogin)
NB: You should look into a nice little multi-client called PuTTY if you don't have an Rlogin client. PuTTY also supports Telnet and other protocols.
1) Web Interface
The WebRamp router stores the dial-up passwords on the client side as opposed to the server side (very bad): the password is part of the page that is sent to the browser. The client-side code tells the web page to display the password as a series of asterisks, but it is really there in clear text, and you can view it by looking at the source code of the page.
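A defensive check for this class of flaw, as an added example (not code from the original article or from Ramp Networks): it scans a saved copy of a configuration page for password fields, or secret-named hidden fields, that arrive with a value already in the markup. The sample page, field names and the `SECRET_HINTS` list are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample of a configuration page; not taken from a real WebRamp.
SAMPLE_PAGE = """
<form action="/modem1" method="post">
  <input type="text" name="isp_user" value="exampleuser">
  <input type="password" name="isp_pass" value="example-secret">
  <input type="PASSWORD" name="admin_pass" value="">
  <input type="password" name="new_pass">
  <input type="hidden" name="isp_pass_copy" value="example-secret">
</form>
"""

# Assumed naming hints for hidden fields that carry a secret.
SECRET_HINTS = ("pass", "pwd", "secret")


class PrefilledSecretFinder(HTMLParser):
    """Collects <input> fields whose secret value is present in the markup."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        ftype = a.get("type", "text").lower()
        name, value = a.get("name", ""), a.get("value", "")
        if not value:
            return  # empty or absent value: nothing is disclosed to the browser
        looks_secret = any(h in name.lower() for h in SECRET_HINTS)
        if ftype == "password" or (ftype == "hidden" and looks_secret):
            line, _ = self.getpos()
            # Report the length only, so the audit output does not leak the secret.
            self.findings.append(
                {"line": line, "name": name, "type": ftype, "length": len(value)}
            )


def audit_page(html_text):
    """Return one finding per input field that ships a secret to the client."""
    finder = PrefilledSecretFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings
```

Any finding means the server is sending the stored secret back to the browser; the fix is to leave the field empty on render and treat an empty submission as "keep the existing password".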
2) Telnet
Well, as previously mentioned, sometimes you may find a WebRamp router that does not have a web interface open/active. When at the WebRamp login prompt, you can log in as "wradmin:trancell". The username on the WebRamp cannot be changed to anything other than wradmin, but the password _can_ and should be changed! Unfortunately, this is not always the case. I will save you the trouble of trying to figure out the commands on the CLI, as there are no helpful manuals for figuring them out, and once at the prompt, "help" does absolutely nothing, hehe. To activate the web interface on the WebRamp, simply issue the following command: *setcallcontrol "-h 0"* (minus the two *'s; the inverted commas are necessary, however). Once done, the web interface will become active.
NB: There is also a command to dump the configurations from the CLI, but I'll let you figure that one out on your own. I will give you a hint though, it is under the "do" command.
3) Rlogin
Rlogin is a pointless but rather interesting service, imo. All rlogin servers are flawed in a very serious way: they all assume that all traffic coming from @localhost is legitimate, and as such will not ask you for a username or password. In case you haven't figured it out yet, this would leave ALL Rlogin servers highly vulnerable to IP spoofing attacks. If you don't know how to perform this "simple" type of IP spoofing attack, well, I guess you have some reading to do.
Now that we've covered that, you might recall me mentioning that it is also possible to gain remote access to the LAN behind the Webramp.
If we were to sit and think about this constructively for a moment, we'd realize one very important thing: this router is a DIAL-UP router. We'd also realize that we can specify what number the router dials (it would generally be the number of the ISP). We would also realize that the terminals behind it do not have a WAN-side address; the WAN-side address that is given by the ISP is assigned to the router. The systems behind the router have private/local addresses. This means that from our end, or from the WAN side of the WebRamp, if we tried to access one of the remote LAN-side machines, we'd really end up looking at our own networks, as these addresses are all internal. I shouldn't really have to try to explain this in layman's terms too much, as you should understand it. So the question arises: how do we gain access to the computers behind the router if the IP addresses they have are not accessible directly from the outside?
In order to gain access to the LAN behind the router, we need to set up a very simple VPN server. Windows has everything necessary for you to implement a dial-up VPN server on your home machine. All you would need is a modem and a working phone line. I'm caught between whether I should say how to set up the VPN or let you research it, so I'll let my laziness at present hinder me from telling you how to do it now, but I may write up a short article soon. Once we've set up a VPN, and created an account for the VPN to accept and connect to us, we go to the web interface of the WebRamp and we change the ISP's number to our phone line, and we change the username and password on the WebRamp to the ones that we've set in the VPN to connect to us. After that, simply apply the changes and wait a second, as the router will now dial into you and authenticate. Congratulations, you've just placed the WebRamp and all other terminals behind it onto your LAN, making all things on or behind it accessible to you.
Immediately change the default webramp password and disable the Rlogin server! It is important that you ensure that Rlogin is not enabled as even if you change your password, once someone knows what commands need to be issued, they could easily reset your password and log in amongst many other things.
It would be foolish to attempt to do any of this during "prime hours". It is also foolish to not set this back afterwards. It is even more foolish to do anything dangerous or malicious - you'd only hurt yourself and block some other eager-to-learn security lover from a learning experience. As an admin, I must insist that you learn to monitor your servers, routers and other devices within your control for changes of any nature, as they could be the first steps in a severe attack. As a penetration tester, I urge you to learn that hackers do cover their tracks. That being said, as I seem to have forgotten to include it earlier: to set the web interface back off, simply change the 0 to a 1.
Written by Snags aka Michael Thomas