ATTN: Linux routers and modems *wormed*.

M

MBUnit

http://www.theregister.co.uk/2009/03/24/psyb0t_home_networking_worm/

<copied>

Vulnerable devices include any home router or modem that uses Linux
Mipsel, has an administration interface, sshd, or telnet in a DMZ, and
employs a weak password. Once the malware takes hold, it locks
legitimate users out of the device by blocking telnet, sshd, and web
access. It then makes the devices part of a botnet. The researchers said
they first learned of the worm while investigating DDoS attacks that hit
DroneBL's infrastructure two weeks ago.

<end copy>
 
D

DanS

MBUnit said:
http://www.theregister.co.uk/2009/03/24/psyb0t_home_networking_worm/

<copied>

Vulnerable devices include any home router or modem that uses Linux
Mipsel, has an administration interface, sshd, or telnet in a DMZ, and
employs a weak password. Once the malware takes hold, it locks
legitimate users out of the device by blocking telnet, sshd, and web
access. It then makes the devices part of a botnet. The researchers said
they first learned of the worm while investigating DDoS attacks that hit
DroneBL's infrastructure two weeks ago.

<end copy>
Click to expand...

Yes, old news AND not an exploit. A user problem...setting weak usernames
and passwords.

Brute force dictionary attacks are NOT a system security issue.

If a user uses 'password' as a password, then it's a system exploit ? No,
it's plain user stupidity.
 
B

Bill Yanaire

Remember when we were talking last week and you had to go to your night job?
Which McDonald's do you work at? Maybe you can help my neighbors kid get a
job.
 
Top