Computers & Electronics

Don't use Upnp and check your gadgets

  • Last Updated:
  • Oct 6th, 2016 6:41 pm
Member
Dec 7, 2015
479 posts
105 upvotes
Ottawa, ON

Don't use Upnp and check your gadgets

Krebs' article on Mirai and the affected gadgets

Don't use Upnp - it is unsafe.

Re: Mirai DDos attack: The Krebs article linked above shows a table of known affected devices - but note that the list may not be complete. Check to see if your gadget is on the list and change the password if it is. Heck - change the default password on any device you have even if it is not on the list.

I was surprised to see the Ubiquiti AirOS router on the list. Tsk, tsk...
7 replies
Deal Guru
User avatar
Feb 10, 2007
13939 posts
5437 upvotes
of course it's unsafe, but it's also convenient.

it's a double edge sword
The sweetest gyal
Deal Expert
Aug 22, 2006
31271 posts
17295 upvotes
In other news, water is wet.
Also what year is this.
Do you not have anything else to do rather than argue with strangers on the internet
Nope. That's why I'm on the internet arguing with strangers. If I had anything better to do I'd probably be doing it.
Member
Dec 7, 2015
479 posts
105 upvotes
Ottawa, ON
death_hawk wrote: Also what year is this.
Given the seriousness of the Mirai DDoS attack, it appears that a lot of people haven't got the message, so it bears repeating.
Deal Expert
User avatar
Jun 12, 2003
15213 posts
1671 upvotes
Markham
Tl:dr don't use default passwords
ShadowVlican
Deal Fanatic
Sep 4, 2009
6575 posts
726 upvotes
ShadowVlican wrote: Tl:dr don't use default passwords
You missed the part in the article where it says very clearly even if you changed the pw, the SSH and Telnet might still be the default pw set by the manufacturer. You might well have no way of changing this.
Member
Dec 7, 2015
479 posts
105 upvotes
Ottawa, ON
At the minimum, you should close the Telnet/SSH port if you don't actually need it. It should only have been opened if you used Upnp to set up the device. You can find port scanning web sites that will see what ports are open on the WAN side of your network. If you access the device with a web interface, you don't need the telnet/ssh interface.
Deal Expert
Aug 22, 2006
31271 posts
17295 upvotes
willilumplump wrote:
death_hawk wrote: Also what year is this.
Given the seriousness of the Mirai DDoS attack, it appears that a lot of people haven't got the message, so it bears repeating.
Tell that to manufacturers that push ease of use over security.
It's like one of the first things that should be done on a router.
Do you not have anything else to do rather than argue with strangers on the internet
Nope. That's why I'm on the internet arguing with strangers. If I had anything better to do I'd probably be doing it.

Top