72 Comments
- matthekc, on 03/26/2009, -2/+55 This is a wake up to device manufacturers: if your hardware is going to sit online all day, admin is probably a bad default password. Home users tend not to change these passwords; it would be better to generate a random twelve-character string.
- Sammi84, on 03/27/2009, -2/+42 Let me get this straight:
  These infestations aren't caused by security vulnerabilities in Linux code, but by lazy users who don't change the default password. Jeeees. It's not really a Linux problem, is it?
- ileftfark, on 03/27/2009, -0/+33 Well, the author explains Psyb0t well enough, but should at least give some advice for those that may be zombies. You can protect yourself by doing simple things. Username and password (as mentioned above) is one quick and easy way. Disabling remote access to the control panel is also a good idea. Finally, a hard reset of the router will disconnect you from the botnet, and then set up a secure configuration on up-to-date firmware. Psyb0t can really only take advantage of devices that were almost asking to be taken over.
- Megatog615, on 03/27/2009, -0/+24 I can still go to my local coffee shop and log in to the Linksys router with admin/admin.
  People are just clueless.
- coldkill3r, on 03/27/2009, -0/+21 I doubt most 14-year-olds are using IRC to chat about stars.
- Hortinstein, on 03/27/2009, -0/+15 hahahaha I did that yesterday since I could tell their DHCP lease systems were set for too long for a widely used hotspot... I opened up some more IPs and lowered the lease time... Geek Squad would have charged them 100 bucks.
- CharlesSaint, on 03/27/2009, -2/+17 Good 'ol Linksys defaults...
  username: admin
  password: admin
- Fratz, on 03/27/2009, -0/+14 Yes, it truly is mind-bottling.
- subgeniusd, on 03/26/2009, -2/+16 Re Home users: Crackers are just scanning with vendor default router password lists. A 9 character, non-dictionary pwd like Chuk9Phuk (remember Kill Bill?) is safe enough.
  They are searching for low hanging fruit and an easily remembered password like that is fine, not worth the effort to run rainbow tables on - unless your precious computer contains some data of vast importance. Which I very much doubt.
  And no, that's not my router pwd. (anticipating dopey Digg snaps)
- computerfreedom, on 03/27/2009, -2/+15 Leaving the keys in your new car is not BMW's problem.
  It's on the vendors to fix this. Linux is a kernel.
- TSK05, on 03/27/2009, -0/+12 You can't teach people to grow a brain. There are a lot more important things to learn in high school, like actual reasoning ability. The point of classes should not be to drill facts for standardized classes but to teach people to approach problem solving correctly.
- saranagati, on 03/27/2009, -3/+14 It really has nothing to do with Linux though. This could have been done with some super secure impenetrable operating system. It's just caused by bad practice from the hardware manufacturers to set up such insecure settings. The only reason this has anything to do with Linux is that the applications the author of psyb0t run on Linux rather than some other hardware.
- phpirate, on 03/27/2009, -0/+10 The objective is not to make it easy for them. It takes like 10 seconds of your time to change your password and that's enough to stop 99.9% of malware and script kiddies. Somebody who has the time and knowledge to try more advanced techniques probably has bigger fish to fry than your ass with 10 gigs of horse porn shared on your network.
- Contradictions, on 03/27/2009, -1/+11 Default passwords serve a good purpose. The problem is educating consumers on how to install their devices. Basic home networking should be required High School education.
- fungie5, on 03/27/2009, -0/+9 If you leave your doors unlocked and your burglar alarm turned off, do you blame the construction company that built your home for your home getting robbed?
  For the BMW example to be a sound analogy, you have to add that the BMW can only be stolen if the keys are left in the car. If you're provided with the means to protect yourself and you don't use it, it's totally your fault. A properly constructed password would have made the attack impossible.
- ileftfark, on 03/27/2009, -1/+9 ***** you, "A fatal error has occured".
- PrettyGreen, on 03/27/2009, -1/+9 I doubt most 14-year-olds know what IRC is.
- dvsbastard, on 03/27/2009, -0/+7 I'm dis-custard by it...
- smotpoker, on 03/27/2009, -0/+6 @beno
  First, subgenius' comment was about what to change the pass *to*, not what manufacturers should set the default password to.
  Secondly, it does actually matter significantly. If every make/model device had a different default password, they would be harder to keep track of and there would be less chance of older worms infecting newer devices.
  You're right that if every manufacturer picked the same new pass for every device it wouldn't be that much more secure, but generating a unique pass for every model device is trivial yet would still hinder worm propagation substantially.
- phpirate, on 03/27/2009, -0/+5 Xbox Live, then.
- draculthemad, on 03/27/2009, -0/+4 It should be required that you change the default password in order to enable full functionality of the device.
  Attacks like this will continue to be a problem until that becomes standard practice.
- inactive, on 03/27/2009, -0/+4 admin
  admin
  Flash eprom = check
  remote admin = check
  =
  Horse porn...
  damn....
- xkorbin, on 03/27/2009, -2/+6 nub
- nkkromhof, on 03/27/2009, -0/+4 This is awful... Some people should be banned from having hypotheses. Indefinitely
  Quote from comments:
  "My Hyphothesis is that there is New Cyber War between Linux and Windows before the war was positive in Innovations. Now is going to the distruction between the ITs and Hackers who support Windows and the others who support Linux by creating new Viruses and Worms more powerful. We saw a lot of distructive worms in the net. A lot of people believe that Linux OS and Linux NT is more secure that any Windows OS or NT. what we can see now even Linux is more vulnerable, means no body is immune from this Viruses and Worms. The questions are is it about MONEY !?. Is it about POWER!?. Is it about CONTROL !?"
  That is scary stuff.
- Roachy1979, on 03/27/2009, -0/+4 I feel perfectly secure running my Linux NT.....
- inactive, on 03/27/2009, -1/+4 Wait, so, TSK05 is suggesting that people be taught reasoning skills rather than being drilled with facts that are only useful to pass tests?
  Am I on the wrong Digg today?
- kgerm, on 03/27/2009, -0/+3 dugg for "10 gigs of horse porn"
- phpirate, on 03/27/2009, -0/+3 It's a problem with users not linux, dumbass. Read the article.
- inactive, on 03/27/2009, -0/+3
- theeEqualizer, on 03/27/2009, -0/+2 Yeah. Defaults should not be available. It's dissdurbing how the deefaults can begotten. It paranoys me. An' also I wish der was some kine uh online digshunary for the look up of what word means an' how you spell it. It wood make big words ready for use.
- inactive, on 03/28/2009, -0/+2 We? You and who else?
- subgeniusd, on 03/27/2009, -0/+2 "Quote from comments"? What comments are you referring to? I think someone is off his meds again......worms in the net.....yeah buddy.
- HonoredMule, on 03/27/2009, -0/+2 Perhaps a better method would be to disallow connecting to admin pages over a wireless connection (WAN connections are usually already blocked by default) until a non-default password is set.
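
The gating proposed in this thread (no admin page over wireless or WAN until the factory password is replaced, remote admin only as an explicit opt-in afterwards), sketched as an added example that is not from any commenter or from vendor firmware. The `Router` class, the interface names, the 12-character minimum and the default-password list are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample list; the thread names "admin" and a blank username with "admin".
KNOWN_DEFAULTS = {"", "admin", "password", "1234"}
MIN_LEN = 12  # assumption, following the twelve-character suggestion in the thread


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Router:
    """Hypothetical admin-interface policy for a home router."""

    def __init__(self) -> None:
        self.salt = os.urandom(16)
        self.pw_hash = _digest("admin", self.salt)  # factory state
        self.provisioned = False    # True once a non-default password is set
        self.remote_admin = False   # WAN admin stays off unless opted in

    def set_password(self, new: str) -> bool:
        # Refuse vendor defaults and short strings; the device stays unprovisioned.
        if new.lower() in KNOWN_DEFAULTS or len(new) < MIN_LEN:
            return False
        self.pw_hash = _digest(new, self.salt)
        self.provisioned = True
        return True

    def enable_remote_admin(self) -> bool:
        # Full functionality is unlocked only after the default is gone.
        if not self.provisioned:
            return False
        self.remote_admin = True
        return True

    def admin_allowed(self, iface: str, supplied: str) -> bool:
        """iface is 'lan' (wired), 'wlan' or 'wan'."""
        if iface not in ("lan", "wlan", "wan"):
            return False
        if iface == "wan" and not self.remote_admin:
            return False
        if iface == "wlan" and not self.provisioned:
            return False
        # Wired LAN may still use the factory password, so first setup is possible.
        return hmac.compare_digest(_digest(supplied, self.salt), self.pw_hash)
```

With this policy a device left on its factory password is only reachable from a wired port, which removes it from the reach of the remote brute-force scanning the thread describes.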
- TnTBass, on 03/27/2009, -0/+2 I like those people when I need a quick connection to the internet though.
- bdenning, on 03/27/2009, -2/+4 Let's see you sit your XP or Vista box on a network without a firewall and with an open RDP socket (telnet/ssh equivalent for MS) and see how long it lasts?
  I agree this is more about hardware vendors not taking the time to correctly secure their devices than the OS in question itself. It was a brute force attack, not software exploitation.
- inactive, on 03/27/2009, -3/+5 Most people this young are either scriptkiddies or actually doing something
  It feels ironic because I'm 15 and we're doing some disassembly right now (x86 asm this time, last time it was ARM - I like ARM better, so much more simple to deal with :( )
- CharlesSaint, on 03/29/2009, -0/+2 Depends on which Linksys router you have, but typically it's admin, admin. Here is a list with all the default usernames and passwords. http://www.phenoelit-us.org/dpl/dpl.html
- inactive, on 03/27/2009, -0/+2 Yes dis-turding isn't it...
- ethana2, on 03/27/2009, -1/+2 I prefer my Ubuntu Dell over my mac because of package management, superior hardware support, and configurability. I paid 4 times as much for my Dell as I did for my mac.
  To be fair, the camera I have that my mac is oblivious to will cause Ubuntu machines to fail to resume from suspend if left plugged in. It's mutant, but it still Just Works with Ubuntu.
  ...But with a stupid statement like that coming from you, I'd expect you to be a Windows user.
- atdigg, on 03/27/2009, -2/+3 or even if there are security vulnerabilities, but then it's most likely they haven't upgraded the system for years... but yeah, most likely is the default admin password that's the same for all the devices...
- bemenaker, on 03/27/2009, -0/+1 This was in the comments on the story's page.
- TnTBass, on 03/27/2009, -0/+1 Why would you want to have your router administration accessible to the internet? Sure, it can come in handy at times, but not worth the risk.
  It doesn't matter as much if you leave your default root password as admin if it can only be logged into via the console. At least this botnet would be rendered useless.
  Simple solution (if you run at least one Linux/Unix/BSD system at home): Open up a single port on your firewall and point it to your SSH server. Tunnel your traffic through SSH. RDP/VNC/FTP, whatever you want, all goes through a single encrypted port. Now, keep that server running SSH up to date and properly secured and you have a network much more secure than most. As a side benefit, most companies have at least one port open on their firewall, so if they block 22, use 23, or whatever you can find and make your router redirect that port to port 22 on your SSH box. Work blocking your favorite internet sites? Set up a proxy on your home network and tunnel your web browsing through that. Or just simply browse from your home machine. Simple, elegant, and effective.
- bemenaker, on 03/27/2009, -0/+1 So this is only attacking routers, not Linux machines themselves? Just trying to be clear here.
- LingNoi, on 04/06/2009, -0/+1 Yes, that's right, although in this case "user" for Linux would be the distribution providing people with bad defaults.
- Lunarbunny, on 03/27/2009, -0/+1 *changes router password to something even stronger*
- inactive, on 03/27/2009, -0/+1 Chuk9Phuk
  Worked for bill gates, I own him now...
  Thanx
  But seriously, a chip with a model number x (x-y) factor = password
  Print it on the sticker and when new firmware goes in the password is there...
- Liqkhaos, on 03/27/2009, -0/+1 For ***** and giggles, last weekend I connected a system with a fresh install of the original retail WinXP (Pre SP1) directly to my cable modem for a few hours and the only thing that happened was I got a few messages through the Windows Messenger Service. Perhaps the time and the day of the week would change the results but I was rather disappointed that nothing happened.
- mrsteveman1, on 03/27/2009, -0/+1 You can deny it all you want, we have your password now!
- ahhell, on 03/27/2009, -1/+2 Actually the default is NO user name with admin as the password.