<div dir="ltr">Yup.... that and a dozen servers on AWS for an hour will cost you about $1 ;-)</div><div class="gmail_extra"><br clear="all"><div><div dir="ltr"><div><br>...Skeeve</div><div><br></div><div><div><b style="font-size:13px;font-family:Calibri">Skeeve Stevens - </b><span style="font-size:13px;font-family:Calibri">eintellego Networks Pty Ltd</span></div>
<div><div><span style="font-family:Calibri;font-size:13px"><a href="mailto:skeeve@eintellegonetworks.com" target="_blank">skeeve@eintellegonetworks.com</a> ; <a href="http://www.eintellegonetworks.com/" target="_blank">www.eintellegonetworks.com</a></span><font><p style="font-family:Calibri;font-size:13px;margin:0px">
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; <a>skype://skeeve</a></p><p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a> ; <a href="http://twitter.com/networkceoau" target="_blank"></a><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a> </p>
<p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a><span style="color:rgb(0,0,0)"> ; blog: </span><a href="http://www.theispguy.com/" target="_blank">www.theispguy.com</a><br>
</p><p style="font-family:Calibri;font-size:13px;margin:0px"><img src="http://eintellegonetworks.com/logos/ein09.png"><br></p><p style="margin:0px"><span style="color:rgb(127,0,127);font-family:Calibri,sans-serif;font-size:13px">The Experts Who The Experts Call</span></p>
</font></div><div style="font-family:Calibri,sans-serif;font-size:14px;color:rgb(127,0,127)"><span style="color:rgb(0,32,96);font-size:13px">Juniper - Cisco </span><span style="color:rgb(0,32,96);font-size:13px">- Cloud</span><span style="color:rgb(0,32,96);font-size:13px"> </span><span style="color:rgb(0,32,96);font-size:13px">- Consulting</span></div>
</div></div></div></div>
<br><br><div class="gmail_quote">On Sat, Jan 4, 2014 at 3:37 PM, Tim March <span dir="ltr"><<a href="mailto:march.tim@gmail.com" target="_blank">march.tim@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
<a href="https://zmap.io/" target="_blank">https://zmap.io/</a><br>
<br>
Enjoy =)<br>
<br>
<br>
<br>
T.<br>
<br>
On 4/01/14 3:25 PM, Skeeve Stevens wrote:<br>
> Won't take long to find them all.. only takes about 15 minutes to scan<br>
> the entire v4 internet with the right resources.<br>
><br>
><br>
> ...Skeeve<br>
><br>
> *Skeeve Stevens - *eintellego Networks Pty Ltd<br>
> <a href="mailto:skeeve@eintellegonetworks.com">skeeve@eintellegonetworks.com</a><br>
> <mailto:<a href="mailto:skeeve@eintellegonetworks.com">skeeve@eintellegonetworks.com</a>> ; <a href="http://www.eintellegonetworks.com" target="_blank">www.eintellegonetworks.com</a><br>
> <<a href="http://www.eintellegonetworks.com/" target="_blank">http://www.eintellegonetworks.com/</a>><br>
><br>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve<br>
><br>
> <a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a><br>
> <<a href="http://facebook.com/eintellegonetworks" target="_blank">http://facebook.com/eintellegonetworks</a>> ; <<a href="http://twitter.com/networkceoau" target="_blank">http://twitter.com/networkceoau</a>><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a><br>
> <<a href="http://linkedin.com/in/skeeve" target="_blank">http://linkedin.com/in/skeeve</a>><br>
><br>
> <a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a> <<a href="http://twitter.com/theispguy" target="_blank">http://twitter.com/theispguy</a>> ;<br>
> blog: <a href="http://www.theispguy.com" target="_blank">www.theispguy.com</a> <<a href="http://www.theispguy.com/" target="_blank">http://www.theispguy.com/</a>><br>
><br>
><br>
> The Experts Who The Experts Call<br>
><br>
> Juniper - Cisco - Cloud - Consulting<br>
><br>
><br>
> On Sat, Jan 4, 2014 at 11:58 AM, Tim March <<a href="mailto:march.tim@gmail.com">march.tim@gmail.com</a><br>
> <mailto:<a href="mailto:march.tim@gmail.com">march.tim@gmail.com</a>>> wrote:<br>
><br>
><br>
> Yup...<br>
><br>
> <a href="http://threatpost.com/probes-against-linksys-backdoor-port-surging/103410" target="_blank">http://threatpost.com/probes-against-linksys-backdoor-port-surging/103410</a><br>
><br>
> <a href="https://isc.sans.org/forums/diary/Scans+Increase+for+New+Linksys+Backdoor+32764+TCP+/17336" target="_blank">https://isc.sans.org/forums/diary/Scans+Increase+for+New+Linksys+Backdoor+32764+TCP+/17336</a><br>
><br>
><br>
> T.<br>
><br>
> On 4/01/14 2:18 AM, Brad Peczka wrote:<br>
> > Evening all,<br>
> ><br>
> > This cropped up on my radar this evening:<br>
> <a href="https://github.com/elvanderb/TCP-32764" target="_blank">https://github.com/elvanderb/TCP-32764</a><br>
> ><br>
> > There's some better coverage in an Ars article here:<br>
> <a href="http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/" target="_blank">http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/</a><br>
> ><br>
> > In a nutshell, it looks like there's an exploit in a range of<br>
> Consumer and SOHO routers, whereby an unauthenticated administrative<br>
> interface is listening on port 32764. Some models are only listening<br>
> on the LAN interface, some models also listen to the WAN interface.<br>
> On the right model, you can reset the username/password to one of<br>
> your choosing and enable the remote administration interface.<br>
> ><br>
> > Would be interesting to see if there's a notable uptick in port<br>
> scans for this over the coming days... ;-)<br>
> ><br>
> > Regards,<br>
> > -Brad.<br>
> > _______________________________________________<br>
> > AusNOG mailing list<br>
> > <a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>><br>
> > <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
> ><br>
><br>
> --<br>
> PGP/GNUPG Public Key: <a href="http://d3vnu11.com/pub.key" target="_blank">http://d3vnu11.com/pub.key</a><br>
> _______________________________________________<br>
> AusNOG mailing list<br>
> <a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>><br>
> <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
><br>
><br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
PGP/GNUPG Public Key: <a href="http://d3vnu11.com/pub.key" target="_blank">http://d3vnu11.com/pub.key</a><br>
</font></span></blockquote></div><br></div>