

New worm can infect home modem/routers - davo11
http://apcmag.com/Content.aspx?id=3687

======
theblackbox
Gotta say, that's pretty interesting. I've become very curious recently about
"The Botnet" and just exactly what it is, how it is maintained and what
resources it relies on/consumes ... which might be ignorance?

Some purists may be against my referring to what is a distributed and loosely
organised menagerie of differently compromised systems as a singular entity,
but I find it inspiring to think of this as the common enemy that binds the
internet civilisation.

I have heard many a deeply fascinating story about the exploits of this web
marauder, such as the well known Estonia ddos: <http://tinyurl.com/3ashwk>

as well as theories that dispute the controlling agents of the botnet, arguing
for and against the autonomy of "The Botnet" itself. With some stating its
defence mechanisms mirror those of immune systems or other organic systems.
(not sure where my reference is for that one)

With this being such a massive force on the internet, what do people know of
vigilante justice that seeks to control "The Botnet"? I find it hard to
believe that the old-school "white hat hackers" would allow themselves to be
pushed aside by this mother of all script kiddies!

I had a quick look around and all I could find was this interesting little
morsel: <http://tinyurl.com/de4t5l>

essentially a distributed proxy shield that (if I'm not mistaken) inverts the
tor architecture and incorporates a relatively expensive authorisation to
perturb the activity of a botnet attack on a particular server.

But what I'm really looking for is a legitimate attempt to set up some
distributed system to attack the botnet itself?

just some food for thought, I thought.

------
pert
This article seems a bit confused about how the worm is spread: It is a simple
brute force password attack, targeted at mipsel Linux-based routers.

The post at DroneBL (linked to by the article) seems to be a better read:

<http://www.dronebl.org/blog/8>

------
vlisivka
The network equipment producers use the cheapest programmers, who will never
ever read the Red Book (
[http://www.amazon.com/UNIX-System-Administration-Handbook-3r...](http://www.amazon.com/UNIX-System-Administration-Handbook-3rd/dp/0130206016)
), or the File System Hierarchy Standard, or any other standard.

My mobile phone (Motorola A1200 with MontaVista Linux) has a "root" user with
an empty password. It was very non-trivial to change the password, because the
root file system is read-only. :-)

IMHO, equipment producers should use persons with experience in both
programming and administration (like me ;-) ), or use experienced
administrators to review embedded systems before they are shipped to end
users.

Government should also try to regulate a minimal acceptable level of security in
network-connected devices, because ignorance of these security related
problems creates huge risk for everybody. Imagine robots, which are controlled
by hackers. Network devices can steal your credit card number and/or open
doors for other trojans. Robots can steal your credit card and/or open door
for breakers.

See also: "Researchers Demo BIOS Attack That Survives Disk Wipes"
<http://it.slashdot.org/article.pl?sid=09/03/23/1248214>

