MrGuvernment
Fully [H]
- Joined
- Aug 3, 2004
- Messages
- 21,818
https://threatpost.com/default-cred...ve-ddos-for-hire-botnet/112767#comment-504523
The part that i am curious about was:
Wondering, are these solely Routers or AP's, and if Routers, WHY are they default shipping with administration over WAN open..
Also i would say all routers now a day should be prompting people to run a setup to set a user and pass and do away with the "default user and pass" settings as we know most users are too lazy to change them and set up their systems correctly.
The part that i am curious about was:
Incapsula discovered a botnet, still largely active, that primarily consists of routers manufactured by the California-based networking company Ubiquiti Networks. While the firm initially assumed the routers suffered from a shared firmware flaw, researchers were able to determine that all units are remotely accessible via HTTP and SSH on their default ports, and could also be accessed via vendor-provided default login credentials. This opens the routers up to eavesdropping, man-in-the-middle attacks, cookie hijack, and gives attackers the ability to gain access to other local network devices. - See more at: https://threatpost.com/default-cred...ve-ddos-for-hire-botnet/112767#comment-504523
Wondering, are these solely Routers or AP's, and if Routers, WHY are they default shipping with administration over WAN open..
Also i would say all routers now a day should be prompting people to run a setup to set a user and pass and do away with the "default user and pass" settings as we know most users are too lazy to change them and set up their systems correctly.