[EAS] [BC] EAS Zombie Attack
David Turnmire
eassbelist at cableone.net
Tue Feb 12 19:29:43 CST 2013
Part of the problem is that while a substantial portion of broadcast
equipment has Linux (or BSD) under the hood, the manufacturer may not
give the user access. You get the web interface and its security. You
don't get the root access. Which in some cases is good, but engineers
may not even know that their product has alternative entry points than
the web interface (such as SSH or even telnet). And no way to verify
the robustness of the root pw, much-less change it from "factory default".
On top of that, the hardware manufacturers in such cases typically don't
provide OS updates... only the application software. So, you may be
running a several year old version of Linux or BSD with known
vulnerabilities, but without a practical way for the average broadcaster
to update.
Dave
On 2/12/2013 4:52 PM, ray at electronicstheory.com wrote:
> ...
> Testing heck - they are using a "brute force password attack" that resembles a
> battle tank trying to tango.
>
> Here's the catch - they aren't just trying to get in through the web interface!
> As we speak - all of our "exposed" boxes have a bot knocking on them, trying to
> access the root or NOUSER passwords to the shell/terminal (Not just the web
> interface!) So far on our boxes - they have been unsuccessful, as we've changed
> our root passwords, and they aren't based on a dictionary word.
> If you haven't done that - do so NOW!
> ...
>
More information about the EAS
mailing list