How Your Devices Could Become Part of Bot-Nets

Discussion in 'General OT' started by lamski, Oct 22, 2016.

  1. lamski

    lamski PhilMUG Addict Member

    Joined:
    May 8, 2005
    Messages:
    2,828
    Likes Received:
    433
    Location:
    Makati, Philippines
    Having read about yesterday's denial of service attacks using bot-nets made up of Internet of Things devices, I decided to check my modem router's logs and I see a bunch of these alerts:

    Googling the alert led to information (http://mybroadband.co.za/vb/showthread.php/607966-D-Link-Modem-Log-kernel-intrusion) that these logs indicate that hackers are trying to scan for open ports (the DPT entry) on my router. They say that this indicates that the router is doing its job and is harmless. They also advised to be weary if the router keeps dropping the internet connection. This might be an indication that your router has been hacked.

    Always make sure that your internet-connected devices are not using the default login credentials.
     
  2. amg99

    amg99 Active Member

    Joined:
    Oct 15, 2008
    Messages:
    531
    Likes Received:
    81
    People really need to be aware of the risk in not changing default login credentials, especially on routers. But that's just one step on the right direction. More information can be found here: http://routersecurity.org .

    Regarding IoT BotNets though, it's not just the issue of default login credentials. There are devices with Telnet and SSH passwords hardcoded into the firmware and the only remedy is to unplug them.

    I wonder how many devices in the country are part of the attack.

    https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
     
    lamski likes this.
  3. Juice

    Juice PhilMUG Addict Member
    Supporter

    Joined:
    May 31, 2009
    Messages:
    2,868
    Likes Received:
    1,464
    When installing a router, don't plug it online yet. Change the username and password first. There are bots that scan IPs and once it finds the right credentials, it starts to work on that. There are reports in a forum I visited, that this is the case.
     
  4. amg99

    amg99 Active Member

    Joined:
    Oct 15, 2008
    Messages:
    531
    Likes Received:
    81
    greta87 likes this.
  5. amg99

    amg99 Active Member

    Joined:
    Oct 15, 2008
    Messages:
    531
    Likes Received:
    81

Share This Page

  • About PhilMUG

    Since the mid-1990s, PhilMUG (formerly the Philippine Macintosh Users Group) has grown to become not just the Philippines’ but one of the world’s foremost Apple user groups. Our online community brings together thousands of members from the Philippines and around the world for the latest news and discussions covering all Apple products and related hardware and software. Anyone can join PhilMUG, from newbies to experts, subject to our membership rules and guidelines.
  • Like us on Facebook

  • Buy us a beer!

    The staff works very hard to make sure that PhilMUG is running 24/7. Care to buy us a beer or help out with our hosting fees? We'd really appreciate it!

    Donate to us!