|
Many of the fundamental pieces of the Internet were designed through an RFC process that was created for a world where everybody was cooperating with one another, and where intentional bad actors weren't really envisioned. This worked pretty well for a couple of decades or so, until the Internet stopped being a smallish set of corporations and universities trading data and became what everybody everywhere used all the time. [Feel free to denounce the history here, which is based entirely on my memory; I started using Usenet in 1983.] Nowadays we're stuck with an infrastructure that isn't designed to detect spoofing, and that isn't designed to identify and reject selected traffic. Approaches like making mail originators authenticate and sign their messages are moving at a glacial pace. Tell me about what redesigns and reimplementations are taking face, what changes are needed and will never happen, how you tell the difference between state actors and criminal actors, and anything else you think is relevant. e: Major security dude Bruce Schneier wrote an excellent essay last month called Someone Is Trying to Take Down the Internet. Arsenic Lupin fucked around with this message at 22:50 on Oct 21, 2016 |
# ? Oct 21, 2016 22:39 |
|
|
# ? Mar 28, 2024 14:39 |
|
Worth noting that apparently the tool that was used is Mirai, which apparently just connects to DVRs and CC cameras and other networked devices and checks a list of 61 default passwords to see if it can get access. Not surprisingly, it gets a hold of shittons and then can use them to launch an attack. Gee just randomize an alphanumeric password and print it on the manual no? Require a physical button to reset it to a temporary default for a couple hours in case you are locked out?
|
# ? Oct 21, 2016 22:53 |
|
If you're still having connection issues, try pointing your network at Google DNS or OpenDNS Google DNS is 8.8.8.8 8.8.4.4 I forget OpenDNS Anyway, as I said in the GBS thread: Services like Google Shield have dedicated machines do the filtering out of attacker IP addresses on a server's behalf, but I guess DYN didn't have that, or it took them until a half hour ago to put something like that in place
|
# ? Oct 21, 2016 22:54 |
|
Moridin920 posted:Worth noting that apparently the tool that was used is Mirai, which apparently just connects to DVRs and CC cameras and other networked devices and checks a list of 61 default passwords to see if it can get access. Not surprisingly, it gets a hold of shittons and then can use them to launch an attack. If I were a router manufacturer, I would generate a random set of 3 or 4 words for user ease and have it attached via sticker like the MAC address. People discard manuals and manage their routers infrequently enough that forgetting is the primary reason for having a default that you can just something search.
|
# ? Oct 21, 2016 22:58 |
|
Stinky_Pete posted:If I were a router manufacturer, I would generate a random set of 3 or 4 words for user ease and have it attached via sticker like the MAC address. People discard manuals and manage their routers infrequently enough that forgetting is the primary reason for having a default that you can just something search. Default passwords make customer service's life so much easier. Every time I have to call Comcast I say "no, I'm not using the default password, I'm using blahblah". Once a CSR tried to convince me that changing the default password and network name were causing my problem. People who use the default username/password are much easier to walk through problems.
|
# ? Oct 21, 2016 23:01 |
|
Is it so hard to ask someone to pick up their router and--yes. Yes it is. Of course it is.
|
# ? Oct 21, 2016 23:17 |
|
Geographically distributed, real time load balancing, next.
|
# ? Oct 22, 2016 01:32 |
|
Per Krebs on Security, the vast majority of the devices in this botnet are traceable to one company that hard-codes the Telnet and SSH passwords into the device. quote:According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.
|
# ? Oct 22, 2016 03:05 |
|
|
# ? Oct 24, 2016 17:27 |
|
Arsenic Lupin posted:Default passwords make customer service's life so much easier. Every time I have to call Comcast I say "no, I'm not using the default password, I'm using blahblah". Once a CSR tried to convince me that changing the default password and network name were causing my problem. People who use the default username/password are much easier to walk through problems. They make everyone's life easier. I probably reset a half dozen enterprise grade Cisco devices to defaults a month for people.
|
# ? Oct 24, 2016 19:28 |
|
My latest Comcast router at least has a permanent label with the randomly generated default password and network name.... On the bottom.
|
# ? Oct 24, 2016 20:19 |
|
I believe it will at some point become necessary to institute an Internet connectivity tax to discourage people from buying cheap Internet-enabled coffee makers or buttplugs just for the novelty. If a product doesn't deliver an extra $20 worth by virtue of being internet enabled, you probably shouldn't buy it in the first place. We're also going to need legislation. Connecting a device with remote control capabilities to the Internet without changing the default password is like putting a gun safe on your porch and leaving the keys in the lock. That level of negligence needs to be criminal.
|
# ? Oct 24, 2016 21:38 |
|
Jasper Tin Neck posted:I believe it will at some point become necessary to institute an Internet connectivity tax to discourage people from buying cheap Internet-enabled coffee makers or buttplugs just for the novelty. If a product doesn't deliver an extra $20 worth by virtue of being internet enabled, you probably shouldn't buy it in the first place. Lol what? You protect the assets that are valuable, like maybe a DNS server farm. Three olives kuierig isn't the problem. Your tax plan sounds elitist too, not to mention your criminal charge plan to lock up your own grandma that run an aol browesrer
|
# ? Oct 24, 2016 22:11 |
|
Burt Sexual posted:Lol what? do you read the news do you know what a botnet is Jasper Tin Neck posted:I believe it will at some point become necessary to institute an Internet connectivity tax to discourage people from buying cheap Internet-enabled coffee makers or buttplugs just for the novelty. If a product doesn't deliver an extra $20 worth by virtue of being internet enabled, you probably shouldn't buy it in the first place. Mandating minimum security standards for IoT devices seems better than prosecuting people for not knowing why their internet fridge is bad
|
# ? Oct 24, 2016 22:49 |
|
Jeb Bush 2012 posted:do you read the news Yes and agree. That was my point, badly made. Joe plumber can't be held responsible.
|
# ? Oct 24, 2016 22:55 |
|
Burt Sexual posted:Lol what? Recent high profile DDOS attacks have been just shitloads of DVRs and webcams bombing servers with traffic. Burt Sexual posted:Your tax plan sounds elitist too, not to mention your criminal charge plan to lock up your own grandma that run an aol browesrer Relax, I'm not coming after your elderly relatives. My point was maybe poorly worded, but poo poo like this: Arsenic Lupin posted:Per Krebs on Security, the vast majority of the devices in this botnet are traceable to one company that hard-codes the Telnet and SSH passwords into the device. Arsenic Lupin posted:Every time I have to call Comcast I say "no, I'm not using the default password, I'm using blahblah". Once a CSR tried to convince me that changing the default password and network name were causing my problem.
|
# ? Oct 25, 2016 20:53 |
|
|
# ? Mar 28, 2024 14:39 |
|
Arsenic Lupin posted:My latest Comcast router at least has a permanent label with the randomly generated default password and network name.... On the bottom. Theoretically this means that apart from the vanishingly small odds of guessing a randomly generated password a potential attacker would actually need to break into your house, look under your router for the password and use it in which case gently caress, they've got physical access to the device anyway which means they can basically do whatever they want with it if they know how. in practice comcast probably generated a few dozen passwords then called it a day
|
# ? Oct 26, 2016 15:16 |