
<div dir="ltr">Yup.... that and a dozen servers on AWS for an hour will cost you about $1 ;-)</div><div class="gmail_extra"><br clear="all"><div><div dir="ltr"><div><br>...Skeeve</div><div><br></div><div><div><b style="font-size:13px;font-family:Calibri">Skeeve Stevens - </b><span style="font-size:13px;font-family:Calibri">eintellego Networks Pty Ltd</span></div>


<div><div><span style="font-family:Calibri;font-size:13px"><a href="mailto:skeeve@eintellegonetworks.com" target="_blank">skeeve@eintellegonetworks.com</a> ; <a href="http://www.eintellegonetworks.com/" target="_blank">www.eintellegonetworks.com</a></span><font><p style="font-family:Calibri;font-size:13px;margin:0px">


Phone: 1300 239 038; Cell +61 (0)414 753 383 ; <a>skype://skeeve</a></p><p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a> ; <a href="http://twitter.com/networkceoau" target="_blank"></a><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a> </p>


<p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a><span style="color:rgb(0,0,0)"> ; blog: </span><a href="http://www.theispguy.com/" target="_blank">www.theispguy.com</a><br>


</p><p style="font-family:Calibri;font-size:13px;margin:0px"><img src="http://eintellegonetworks.com/logos/ein09.png"><br></p><p style="margin:0px"><span style="color:rgb(127,0,127);font-family:Calibri,sans-serif;font-size:13px">The Experts Who The Experts Call</span></p>


</font></div><div style="font-family:Calibri,sans-serif;font-size:14px;color:rgb(127,0,127)"><span style="color:rgb(0,32,96);font-size:13px">Juniper - Cisco </span><span style="color:rgb(0,32,96);font-size:13px">- Cloud</span><span style="color:rgb(0,32,96);font-size:13px"> </span><span style="color:rgb(0,32,96);font-size:13px">- Consulting</span></div>


</div></div></div></div>

<br><br><div class="gmail_quote">On Sat, Jan 4, 2014 at 3:37 PM, Tim March <span dir="ltr"><<a href="mailto:march.tim@gmail.com" target="_blank">march.tim@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">


<br>

<a href="https://zmap.io/" target="_blank">https://zmap.io/</a><br>

<br>

Enjoy =)<br>

<br>

<br>

<br>

T.<br>

<br>

On 4/01/14 3:25 PM, Skeeve Stevens wrote:<br>

> Won't take long to find them all.. only takes about 15 minutes to scan<br>

> the entire v4 internet with the right resources.<br>

><br>

><br>

> ...Skeeve<br>

><br>

> *Skeeve Stevens - *eintellego Networks Pty Ltd<br>

> <a href="mailto:skeeve@eintellegonetworks.com">skeeve@eintellegonetworks.com</a><br>

> <mailto:<a href="mailto:skeeve@eintellegonetworks.com">skeeve@eintellegonetworks.com</a>> ; <a href="http://www.eintellegonetworks.com" target="_blank">www.eintellegonetworks.com</a><br>

> <<a href="http://www.eintellegonetworks.com/" target="_blank">http://www.eintellegonetworks.com/</a>><br>

><br>

> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve<br>

><br>

> <a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a><br>

> <<a href="http://facebook.com/eintellegonetworks" target="_blank">http://facebook.com/eintellegonetworks</a>> ; <<a href="http://twitter.com/networkceoau" target="_blank">http://twitter.com/networkceoau</a>><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a><br>


> <<a href="http://linkedin.com/in/skeeve" target="_blank">http://linkedin.com/in/skeeve</a>><br>

><br>

> <a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a> <<a href="http://twitter.com/theispguy" target="_blank">http://twitter.com/theispguy</a>> ;<br>

> blog: <a href="http://www.theispguy.com" target="_blank">www.theispguy.com</a> <<a href="http://www.theispguy.com/" target="_blank">http://www.theispguy.com/</a>><br>

><br>

><br>

> The Experts Who The Experts Call<br>

><br>

> Juniper - Cisco - Cloud - Consulting<br>

><br>

><br>

> On Sat, Jan 4, 2014 at 11:58 AM, Tim March <<a href="mailto:march.tim@gmail.com">march.tim@gmail.com</a><br>

> <mailto:<a href="mailto:march.tim@gmail.com">march.tim@gmail.com</a>>> wrote:<br>

><br>

><br>

>     Yup...<br>

><br>

>     <a href="http://threatpost.com/probes-against-linksys-backdoor-port-surging/103410" target="_blank">http://threatpost.com/probes-against-linksys-backdoor-port-surging/103410</a><br>

><br>

>     <a href="https://isc.sans.org/forums/diary/Scans+Increase+for+New+Linksys+Backdoor+32764+TCP+/17336" target="_blank">https://isc.sans.org/forums/diary/Scans+Increase+for+New+Linksys+Backdoor+32764+TCP+/17336</a><br>


><br>

><br>

>     T.<br>

><br>

>     On 4/01/14 2:18 AM, Brad Peczka wrote:<br>

>     > Evening all,<br>

>     ><br>

>     > This cropped up on my radar this evening:<br>

>     <a href="https://github.com/elvanderb/TCP-32764" target="_blank">https://github.com/elvanderb/TCP-32764</a><br>

>     ><br>

>     > There's some better coverage in an Ars article here:<br>

>     <a href="http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/" target="_blank">http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/</a><br>


>     ><br>

>     > In a nutshell, it looks like there's an exploit in a range of<br>

>     Consumer and SOHO routers, whereby an unauthenticated administrative<br>

>     interface is listening on port 32764. Some models are only listening<br>

>     on the LAN interface, some models also listen to the WAN interface.<br>

>     On the right model, you can reset the username/password to one of<br>

>     your choosing and enable the remote administration interface.<br>

>     ><br>

>     > Would be interesting to see if there's a notable uptick in port<br>

>     scans for this over the coming days... ;-)<br>

>     ><br>

>     > Regards,<br>

>     > -Brad.<br>

>     > _______________________________________________<br>

>     > AusNOG mailing list<br>

>     > <a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>><br>

>     > <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>

>     ><br>

><br>

>     --<br>

>     PGP/GNUPG Public Key: <a href="http://d3vnu11.com/pub.key" target="_blank">http://d3vnu11.com/pub.key</a><br>

>     _______________________________________________<br>

>     AusNOG mailing list<br>

>     <a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>><br>

>     <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>

><br>

><br>

<span class="HOEnZb"><font color="#888888"><br>

--<br>

PGP/GNUPG Public Key: <a href="http://d3vnu11.com/pub.key" target="_blank">http://d3vnu11.com/pub.key</a><br>

</font></span></blockquote></div><br></div>