[AusNOG] Some ZyXEL routers vulnerable to DoS
the.damo at gmail.com
Wed Jan 15 15:32:54 EST 2014
I'm sure the carriers are just going to wait long enough until they are
forced to deploy CGNAT to all consumers and that will take care of 2 birds
with one stone.
On Wed, Jan 15, 2014 at 11:31 AM, Heinz N <ausnog at equisoft.com.au> wrote:
> Careful, don't tell anyone in AUS about it as they will call the feds on
> you ;-) (And their tummy will hurt)
> We should just let those lovely chinese and russian helpful people
> find and "fix" the situation for us :-) Then Ralph will have to
> take notice.
> Just monitor SYN on port 22 & 23 and see for yourself. There are just
> SO many helpful souls all over the world waiting to help us all
> the time. They must truly love us :-)
> The problem with CPE is that the end user has absolutely no
> idea about all the bytes hitting their interface and cannot
> monitor it. Certainly Telstra & Optus already block ports
> on their consumer plans, what is so hard to block a few more.
> It is the normal consumer plans where all of the unsecured
> stuff would be anyway. This is just my humble opinion.
> Yay CPE SYN DoS \o/
>> When the open telnet issue was discussed (again... and nothing
>> happened... again... because hard.) a while back "someone I met on the
>> internet and have no way of identifying or contacting again" spent some
>> time actively scanning a few large .au residential netblocks. They
>> prioritised the open/unsecure telnet services by volume and wrote an NSE
>> (Nmap Scripting Engine) plugin to authenticate against the top couple
>> (Busybox) w/ default credentials, dump the configs and default the flash.
>> Eventually someone else will do the same and they'll actually use it.
>> Then you'll have something to worry about. This is a really old story. I
>> did talk to one of the big carriers about it but got Ralph Wiggum.
>> </broken record>
>> On 15/01/14 1:44 PM, Tom Storey wrote:
>>> This has been in discussion on uknof for a day or two, not sure how
>>> many here might be using the affected units or have customers with
>>> them, but something to be aware of.
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>> PGP/GNUPG Public Key: http://d3vnu11.com/pub.key
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
> AusNOG mailing list
> AusNOG at lists.ausnog.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AusNOG