Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica
fmm
vovan at fakmoymozg.ru
Tue Mar 4 11:46:20 UTC 2014
On Tue, 04 Mar 2014 09:00:18 +0100, Jay Ashworth <jra at baylink.com> wrote:
> http://arstechnica.com/security/2014/03/hackers-hijack-300000-plus-wireless-routers-make-malicious-changes/
>
> Is there any valid reason not to black hole those /32s on the back bone?
>> The telltale sign a router has been compromised is DNS settings that
>> have been changed to 5.45.75.11 and 5.45.76.36. Team Cymru researchers
>> contacted the provider that hosts those two IP addresses but have yet
>> to receive a response.
you wanted to say "blackhole those 5.45.72.0/22 and 5.45.76.0/22", aren't
you?
Cheers
More information about the NANOG
mailing list