  #1  
Old 26 May 2018, 01:02
1RiserSlip
Been There Done That
 
Join Date: May 2015
Location: W. Slope of Big Sewell Mtn.
Posts: 4,423
FBI issues warning to reboot routers

I just saw this article.

https://www.popularmechanics.com/tec...rom%20%251%24s
__________________
I won't be wronged. I won't be insulted. I won't be laid a hand on. I don't do these things to other people and I require the same from them.

John Wayne as J.B. Books in the Shootist
  #2  
Old 26 May 2018, 03:01
Stretch
The atomic zit
 
Join Date: Dec 2008
Location: Capital of the Old North State
Posts: 3,401
Hmmm

The one at home was acting funky the other night and rebooting it did fix it.

At work we use a mifi; that joker has been funky all week. Taking the battery out and letting it sit seemed to fix it.

Who knows, definitely not me.
  #3  
Old 26 May 2018, 07:19
The Fat Guy
The Sagacious One
 
Join Date: Mar 2008
Location: Pushing string down the hall
Posts: 13,898
What's the date on that article?
__________________
No one will take better care of us, than us: Suicide Hotline: 1-800-273-8255
  #4  
Old 26 May 2018, 07:22
RemTech
Confirmed User
 
Join Date: Jul 2013
Location: Jax Bch FL
Posts: 891
Ars Technica has a similar article dated 5/25
  #5  
Old 26 May 2018, 09:56
Soutpiel
Walking the walk
 
Join Date: Dec 2011
Location: Cape Town/Cabo Delgado
Posts: 356
Or......maybe the FBI needs routers to reboot in order to iron out buggy installation of their spyware......
__________________
"A healthy dose of well managed paranoia can be your friend"
"The meek shall inherit f#ckall"
  #6  
Old 26 May 2018, 11:05
Steve40th
Confirmed User
 
Join Date: Nov 2015
Location: Charleston, South Carolina
Posts: 806
Hmm, I reboot mine a few times a week. I did look at mine and noticed my DNS/WAN was changed from Google Public to straight 0000 0000.
Hmm...
  #7  
Old 26 May 2018, 12:53
1RiserSlip
Been There Done That
 
Join Date: May 2015
Location: W. Slope of Big Sewell Mtn.
Posts: 4,423
Quote:
Originally Posted by The Fat Guy
What's the date on that article?

I'm not sure, TFG. I got the article from Google News. It was posted yesterday. You would think there would be more out there about this.
  #8  
Old 26 May 2018, 12:53
usmc_3m
Confirmed User
 
Join Date: Jun 2013
Location: PR of Kali
Posts: 987
VPNFilter malware

This is due to the VPNFilter malware family. According to Cisco and Symantec, these are the vulnerable devices:

Linksys E1200
Linksys E2500
Linksys WRVS4400N
MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN

More details available here:
US-CERT alert
Symantec blog

There is also a Cisco "Talos" article out there that gives additional tech details, for those who want to dig a bit deeper.

The fix? Reset device to factory defaults, change default passwords, update firmware.
__________________
"He who does not punish evil commands that it be done." -- Leonardo Da Vinci
  #9  
Old 28 May 2018, 10:42
Polypro
BTDT
 
Join Date: Oct 1999
Location: A Noisy Bar In Avalon
Posts: 12,902
Quote:
Originally Posted by Soutpiel
Or......maybe the FBI needs routers to reboot in order to iron out buggy installation of their spyware......

Hahahaha! "Your Amazon order has experienced an unexpected delay - it should arrive shortly"

But to be fair, that wasn't the fibbies

If you own one of those models ^, re-flash the latest firmware (or just buy a different router - they're like $50 these days) and disable remote management, which shouldn't be enabled anyway, unless you got your router from your ISP (noooooooo!) in addition to the other best practices.

This *has* to be because of remote management, an outward facing bug, or you got the endpoint to run something - cuz I can't see how you can execute code otherwise?

Also - if we assume most of the planet has routers - 500,000 ain't shit - don't panic. Then there's the always suspicious "Blame Russia" during our current President's tour of duty.
All times are GMT -4.