Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] The Mirai botnet

On Mon,Oct 31 09:45:PM, Rich Braun wrote:
> What's got me curious about all the mainstream-media hype about the Mirai
> botnet is--where are those 300,000 devices installed, what brands of products
> are they, were they compromised remotely or did they get infected before they
> left the (physical) factory, and what can we/the router vendors/the Linux
> community do to prevent such attacks from  being successful in the future?
> -rich

UPnP is not your friend, inned. It's a bit of a surprise to hear
some vendors have it "on" by default, but with IoT for everyone,
yup :)

A very zealous vendor could find a way to sell you a device that
will get web access w/o you ever thinking it will.

One way I could think of blocking this is by keeping a MAC
binding in dhcpd.conf (each device has to be manually added,
otherwise it's the 169. block for them.)

I guess that's (one reason) why the NSA has the "trusted vendor
program". IIRC, there has to be at least n number of Fab's on US
soil, no matter how financially unviable.
"Trusted ? Is the confidence in one?s ability to secure national
security systems by assessing the integrity of the people and
processes used to design, generate, manufacture and distribute
national security critical components (i.e. microelectronics)." 

Guy Gold

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /