Kitz Forum

Computer Software => Security => Topic started by: jack21 on May 29, 2015, 07:18:52 AM

Title: Moose Worm targets home routers
Post by: jack21 on May 29, 2015, 07:18:52 AM

Just spotted this:

http://www.bbc.co.uk/news/technology-32915997

Title: Re: Moose Worm targets home routers
Post by: c6em on May 29, 2015, 08:40:05 AM

I thought that no home routers were open to the WAN side for management - if as the article implies it works by accessing routers still with the default password.

Title: Re: Moose Worm targets home routers
Post by: jack21 on May 29, 2015, 09:06:49 AM

Apparently there are are some that are exposed to WAN access by default, or exposed intentionally for remote access; the researchers say there were many found exposed.

The article references prevention recommendations as follows:

Change default passwords on network equipment even if it is not reachable from the Internet.
Disable Telnet login and use SSH where possible.
Make sure that your router is not accessible from the Internet on ports 22 (SSH), 23 (Telnet), 80 (HTTP)
and 443 (HTTPS). If you are unsure about how to perform this test, when you are at home,
use the "common ports" scan from the
ShieldsUP service from GRC.com
. Make sure that
the above mentioned ports receive a Stealth or Closed status.
Running the latest firmware available from your embedded device vendor is also recommende

Title: Re: Moose Worm targets home routers
Post by: loonylion on May 29, 2015, 01:47:56 PM

mynd you, m00se bites can be pretti nasti...

 :P