[AusNOG] Some ZyXEL routers vulnerable to DoS

Heinz N ausnog at equisoft.com.au
Wed Jan 15 14:31:16 EST 2014


Careful, don't tell anyone in AUS about it as they will call the feds on 
you ;-) (And their tummy will hurt)

We should just let those lovely chinese and russian helpful people
find and "fix" the situation for us :-) Then Ralph will have to
take notice.

Just monitor SYN on port 22 & 23 and see for yourself. There are just
SO many helpful souls all over the world waiting to help us all
the time. They must truly love us :-)

The problem with CPE is that the end user has absolutely no
idea about all the bytes hitting their interface and cannot
monitor it. Certainly Telstra & Optus already block ports
on their consumer plans, what is so hard to block a few more.
It is the normal consumer plans where all of the unsecured
stuff would be anyway. This is just my humble opinion.

H.

> Yay CPE SYN DoS \o/
>
> When the open telnet issue was discussed (again... and nothing
> happened... again... because hard.) a while back "someone I met on the
> internet and have no way of identifying or contacting again" spent some
> time actively scanning a few large .au residential netblocks. They
> prioritised the open/unsecure telnet services by volume and wrote an NSE
> (Nmap Scripting Engine) plugin to authenticate against the top couple
> (Busybox) w/ default credentials, dump the configs and default the flash.
>
> Eventually someone else will do the same and they'll actually use it.
> Then you'll have something to worry about. This is a really old story. I
> did talk to one of the big carriers about it but got Ralph Wiggum.
>
> </broken record>
>
>
>
>
> T.
>
> On 15/01/14 1:44 PM, Tom Storey wrote:
>> This has been in discussion on uknof for a day or two, not sure how
>> many here might be using the affected units or have customers with
>> them, but something to be aware of.
>>
>> http://www.theregister.co.uk/2014/01/14/chinese_hackers_cripple_british_firms_internet_connections/
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>
> -- 
> PGP/GNUPG Public Key: http://d3vnu11.com/pub.key
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>


More information about the AusNOG mailing list