Topic: Moose Worm targets home routers (Read 1836 times)

jack21 · « **on:** May 29, 2015, 07:18:52 AM »

Just spotted this:

http://www.bbc.co.uk/news/technology-32915997

c6em · « **Reply #1 on:** May 29, 2015, 08:40:05 AM »

I thought that no home routers were open to the WAN side for management - if as the article implies it works by accessing routers still with the default password.

jack21 · « **Reply #2 on:** May 29, 2015, 09:06:49 AM »

Apparently there are are some that are exposed to WAN access by default, or exposed intentionally for remote access; the researchers say there were many found exposed.

The article references prevention recommendations as follows:

Change default passwords on network equipment even if it is not reachable from the Internet.
Disable Telnet login and use SSH where possible.
Make sure that your router is not accessible from the Internet on ports 22 (SSH), 23 (Telnet), 80 (HTTP)
and 443 (HTTPS). If you are unsure about how to perform this test, when you are at home,
use the "common ports" scan from the
ShieldsUP service from GRC.com
. Make sure that
the above mentioned ports receive a Stealth or Closed status.
Running the latest firmware available from your embedded device vendor is also recommende

loonylion · « **Reply #3 on:** May 29, 2015, 01:47:56 PM »

mynd you, m00se bites can be pretti nasti...

News:

Author Topic: Moose Worm targets home routers (Read 1836 times)

jack21

Moose Worm targets home routers

c6em

Re: Moose Worm targets home routers

jack21

Re: Moose Worm targets home routers

loonylion

Re: Moose Worm targets home routers