[AusNOG] Analysis of the Carna Botnet (Internet Census 2012)
Heinz N
ausnog at equisoft.com.au
Wed May 29 17:23:21 EST 2013
> The least of all evils is that the carriers block ingress TCP:22/23 unless
> otherwise specified while they work with the user base to clean things up.
> Internode do something along these lines where by default a bunch of
> known-bad ports are blocked and users can unblock them via web UI where
> required.
I would also block 80, 8080 & 443 .... it is shocking just how many
devices have admin interfaces on the WAN. Not even mentioning the special
packets that can game some devices. There are some devices with absolutely
horrendous hardware sploits that cannot be blocked. I would want to know
if I had one of those. It would go into the bin immediately.
H.
More information about the AusNOG
mailing list