[AusNOG] Some ZyXEL routers vulnerable to DoS

Damian Guppy the.damo at gmail.com
Wed Jan 15 15:32:54 EST 2014

I'm sure the carriers are just going to wait long enough until they are
forced to deploy CGNAT to all consumers and that will take care of 2 birds
with one stone.


On Wed, Jan 15, 2014 at 11:31 AM, Heinz N <ausnog at equisoft.com.au> wrote:

> Careful, don't tell anyone in AUS about it as they will call the feds on
> you ;-) (And their tummy will hurt)
> We should just let those lovely chinese and russian helpful people
> find and "fix" the situation for us :-) Then Ralph will have to
> take notice.
> Just monitor SYN on port 22 & 23 and see for yourself. There are just
> SO many helpful souls all over the world waiting to help us all
> the time. They must truly love us :-)
> The problem with CPE is that the end user has absolutely no
> idea about all the bytes hitting their interface and cannot
> monitor it. Certainly Telstra & Optus already block ports
> on their consumer plans, what is so hard to block a few more.
> It is the normal consumer plans where all of the unsecured
> stuff would be anyway. This is just my humble opinion.
> H.
>  Yay CPE SYN DoS \o/
>> When the open telnet issue was discussed (again... and nothing
>> happened... again... because hard.) a while back "someone I met on the
>> internet and have no way of identifying or contacting again" spent some
>> time actively scanning a few large .au residential netblocks. They
>> prioritised the open/unsecure telnet services by volume and wrote an NSE
>> (Nmap Scripting Engine) plugin to authenticate against the top couple
>> (Busybox) w/ default credentials, dump the configs and default the flash.
>> Eventually someone else will do the same and they'll actually use it.
>> Then you'll have something to worry about. This is a really old story. I
>> did talk to one of the big carriers about it but got Ralph Wiggum.
>> </broken record>
>> T.
>> On 15/01/14 1:44 PM, Tom Storey wrote:
>>> This has been in discussion on uknof for a day or two, not sure how
>>> many here might be using the affected units or have customers with
>>> them, but something to be aware of.
>>> http://www.theregister.co.uk/2014/01/14/chinese_hackers_
>>> cripple_british_firms_internet_connections/
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>> --
>> PGP/GNUPG Public Key: http://d3vnu11.com/pub.key
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>  _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140115/70311f59/attachment.html>

More information about the AusNOG mailing list