Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica
Warren Bailey
wbailey at satelliteintelligencegroup.com
Tue Mar 4 19:59:57 UTC 2014
I don¹t know that they have a lot of motivation to support ³legacy² access
points. The home brew guys tend to magically ³find² ways to install
software on these POS CPE AP/Router combos, which I don¹t think is a
coincidence. The linksys types of the world want to sell more routers, not
make routers that suddenly have an amazing 8 year shelf life. Most people
get tired of that POS box that gives them internet not working, and buy a
new LESS POS with whatever 802.xxx of the week/month/year/shopping season.
The margins probably really suck if you support a piece of plastic longer
than __ months, so I doubt you¹ll see anyone supporting their cheap box
any time soon. I bet if you offered them a way to do it for free, they¹d
look at it ;)
On 3/4/14, 11:52 AM, "Merike Kaeo" <kaeo at merike.com> wrote:
>
>On Mar 4, 2014, at 6:54 AM, Valdis.Kletnieks at vt.edu wrote:
>
>> On Tue, 04 Mar 2014 09:28:01 -0400, jim deleskie said:
>>> Why want to swing such a big hammer. Even blocking those 2 IP's will
>>> isolate your users, and fill your support queue's.
>>>
>>> Set up a DNS server locally to reply to those IP's Your customers
>>>stay up
>>> and running and blissfully unaware.
>>>
>>> Log the IP's hitting your DNS servers on those IP and have your support
>>> reach out to them in a controlled way, or reply to any request via DNS
>>> with an internal host that has a web page explaining what is broken
>>>and how
>>> they can fix it avoiding at least some of the calls to your helpdesk.
>>
>> Two words: "DNS Changer". What did we learn from that?
>
>My thoughts exactly. Some walled gardens set up in those instances.
>
>And don't blindly follow someone's advice without looking at impacts to
>your
>networks.
>
>CPE devices are just a huge cesspool. Any device that already doesn't
>let you
>change username 'admin' is off to a bad start. We have to get these
>supposedly
>'plug it in and never touch it' devices to be better at firmware upgrades.
>
>- merike
More information about the NANOG
mailing list