Collaborate Disseminate
My landlord is not tech savvy. We’ve been having problems with the Wifi router, so he asked me to take a look. What I found was surprising. Not only had Spectrum Internet enabled remote management and UPnP, and the firewall w… Continue reading Spectrum Internet remote management
Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.
Read more in my article on the Tripwire State of Security blog.
Continue reading Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
A sophisticated proxy code has infected hundreds of thousands of devices already. Continue reading Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
I run minidlna/ReadyMedia (Version: 1.1.2+dfsg-1~ubuntu14.04.1) on my Ubuntu server for a few years. Minidlna is bound to the interfaces eth0 and eth1 using the config (/etc/minidlna.conf).
Last week, I did a port scan and r… Continue reading Why is minidlna listening on an unspecified port?
I want to have UPNP server that is incapable of doing anything, except logging. Since it is impossible to have a secure UPNP server.
Log request for modifications to the firewall. As much information about the request even… Continue reading Are there any fake UPNP servers?
The Federal Bureau of Investigation (FBI) is warning that a new malware threat has rapidly infected more than a half-million consumer devices. To help arrest the spread of the malware, the FBI and security firms are urging home Internet users to r… Continue reading FBI: Kindly Reboot Your Router Now, Please
Hackers have started to abuse routers and other internet-of-things devices that expose their UPnP interfaces to the internet to launch distributed denial-of-service (DDoS) attacks that are hard to block, even by DDoS mitigation providers. Researchers … Continue reading Hackers Using Hard-to-Block DDoS Amplification Technique
Universal Plug and Play networking protocols can be exploited to bypass DDoS mitigations. Continue reading Attackers Use UPnP to Sidestep DDoS Defenses
Amplification attack vectors are some of the most commonly used tools in the DDoS attacker’s arsenal. In the last quarter of 2017, we saw NTP amplification employed in roughly 33 percent of all DDoS assaults against our customers, while DNS and S… Continue reading New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation
Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which m… Continue reading Some Basic Rules for Securing Your IoT Stuff