BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Ban UPnP? Re: The Mirai botnet
- Subject: [Discuss] Ban UPnP? Re: The Mirai botnet
- From: richb at pioneer.ci.net (Rich Braun)
- Date: Tue, 1 Nov 2016 11:32:53 -0700
- In-reply-to: <40f7d134e1d45248d99f2c37a91a6a2e.squirrel@webmail.ci.net>
- References: <40f7d134e1d45248d99f2c37a91a6a2e.squirrel@webmail.ci.net>
Finally, I see a company name attached to this Mirai botnet problem: Hangzhou Xiongmai Technologies, whose devices leave an essentially unprotected (and unprotectable) telnet server open. http://qz.com/819391/a-collision-of-chinese-manufacturing-globalization-and-consumer-ignorance-could-ruin-the-internet-for-everyone/ The article mentions nothing about UPnP, though, so I'm still left wondering how the attack happened. Another article notes Xiongmai's response, which includes a product recall: http://www.welivesecurity.com/2016/10/24/webcam-firm-recalls-hackable-devices-mighty-mirai-botnet-attack/ And their IPC (IP camera) product specs do include UPnP, so presumably it's enabled by default and causing also-unsecure Netgear/DLink/Linksys defaults to leak their open TCP ports out onto the open Internet. What will these router vendors' response be? And is it appropriate to begin a campaign to discontinue support for UPnP (by all products everywhere), as was done a few years ago for the non-secure wifi WEP auth protocol? -rich
- References:
- [Discuss] The Mirai botnet
- From: richb at pioneer.ci.net (Rich Braun)
- [Discuss] The Mirai botnet
- Prev by Date: [Discuss] The Mirai botnet
- Next by Date: [Discuss] IoT and Security
- Previous by thread: [Discuss] The Mirai botnet
- Next by thread: [Discuss] IoT and Security
- Index(es):