Âíèìàíèå! Áåçîïàñíîñòü Linux-based MIPSel ðîóòåðîâ!

**ABATAPA** · 24-03-2009, 14:14

Ïîÿâèëàñü èíôîðìàöèÿ î ïîÿâëåíèè ÷åðâÿ, àòàêóþùåãî ðîóòåðû, DSL-ìîäåìû ñ àðõèòåêòóðîé mipsel è ïîä óïðàâëåíèåì Linux.

Êàê åãî îïèñûâàþò òóò:

* ýòî — ïåðâûé áîòíåòîâûé ÷åðâü, ïîðàæàþùèé ðîóòåðû è DSL-ìîäåìû;
* ñîäåðæèò øåëëêîä äëÿ ìíîãèõ óñòðîéñòâ íà áàçå mipsel;
* íå íàöåëåí íà ÏÊ èëè ñåðâåðû;
* èñïîëüçóåò ìíîæåñòâî òåõíèê, âêëþ÷àÿ áðóòôîðñîâûé ïîäáîð username

assword;
* ñîáèðàåò ïàðîëè, ïåðåäàâàåìûå ïî ñåòè;
* ìîæåò ñêàíèðîâàòü ñåòü íà ïðåäìåò óÿçâèìûõ ñåðâåðîâ ñ phpMyAdmin è MySQL.

Óÿçâèìû Linux-óñòðîéñòâà íà áàçå mipsel, ñ îòêðûòûì web-èíòåðôåéñîì, telnetd èëè sshd â DMZ, ñî ñëàáûìè ïàðîëÿìè.

Êàê ïèøóò íà http://dronebl.org/blog/8:

You are only vulnerable if:

* Your device is a mipsel device.
* Your device has telnet, SSH or web-based interfaces available to the WAN
* Your username and password combinations are weak, OR the daemons that your firmware uses are exploitable.

Â àíãëîÿçû÷íîé ÷àñòè ôîðóìà óæå ïðîñêàêèâàëî çäåñü.

Óäåëÿéòå âíèìàíèå íàñòðîéêàì âàøèõ ìàðøðóòèçàòîðîâ, ñòîéêîñòè ïàðîëåé, íàñòðîéêàì firewall, äîñòóïíîñòè âàøåãî ìàðøðóòèçàòîðà èçâíå!

Â áîëüøèíñòâå ñëó÷àåâ çàðàæåííûå ðîóòåðû "èçëå÷èâàþòñÿ" ïåðåçàãðóçêîé.

Thread: Âíèìàíèå! Áåçîïàñíîñòü Linux-based MIPSel ðîóòåðîâ!

Thread Tools

Rate This Thread

Display

Threaded View

Âíèìàíèå! Áåçîïàñíîñòü Linux-based MIPSel ðîóòåðîâ!

Similar Threads

Oscam für Mipsel Router

Áåçîïàñíîñòü SSH (dropbear)

warning: mipsel botnet worm targets routers and dsl modems

New 1.0.4.6 based custom firmware

Recompiling with mipsel

Tags for this Thread

Posting Permissions