wazua Sun, Mar 22, 2026
Unprofessional ISPs
madhaquer
#31 Posted : Tuesday, January 06, 2015 5:27:37 PM
Rank: Member

Joined: 11/10/2010
Posts: 281
Location: Nairobi
The dns redirect exploit that Geofrey is describing is just a phishing hack. Most antivirus software can detect and block faked websites and malicious code being injected by such a site. The probability of losing information in such a case is not Zero, but a phishing hack requires more than an insecure router to work. It requires the computers and other devices to be exploitable too.

Not to sound apologetic for the isp but the user is responsible for their own security when on the Internet and ensuring that the device hosting your sensitive information is properly secured has nothing to do with the ISP.
nakujua
#32 Posted : Tuesday, January 06, 2015 6:33:36 PM
Rank: Elder

Joined: 12/17/2009
Posts: 3,583
Location: Kenya
holycow wrote:
nakujua wrote:
holycow wrote:
This guy has a point, those on Zuku, better take him seriously. Well, I'll furnish him all the details when I get home to complete the test. So far, what he has shared with me is scary. This guy knows his stuff.

if you are not comfortable sharing the details he gave you here, just make sure you cross check the info with 1 or 2 more IT guys before committing - he might be luring you into a trap.


Nope, he shared the idea with me. I have put it to test on other innocent Kenyans (I did not tamper with anyone, just peeped and left). Let's just say, the techies at Zuku are very very careless or assuming a lot.

Well, I am just groping in the dark, but as has been mentioned just because one can view a gate does not mean the police or guards are careless or assuming, I have no idea what the guy shared and whatever you managed to peep, but accusing the zuku guys while not sharing what you have found out is a bit biased.

But I repeat if what the guy has mentioned as the exploit is the case, then I don't think it's the fault of Zuku - and there is no need for alarm.
nakujua
#33 Posted : Tuesday, January 06, 2015 6:55:56 PM
Rank: Elder

Joined: 12/17/2009
Posts: 3,583
Location: Kenya
madhaquer wrote:
The dns redirect exploit that Geofrey is describing is just a phishing hack. Most antivirus software can detect and block faked websites and malicious code being injected by such a site. The probability of losing information in such a case is not Zero, but a phishing hack requires more than an insecure router to work. It requires the computers and other devices to be exploitable too.

Not to sound apologetic for the isp but the user is responsible for their own security when on the Internet and ensuring that the device hosting your sensitive information is properly secured has nothing to do with the ISP.

True, I might be wrong but I don't think it's the fault of zuku in this particular instance, of course it's good practise to secure your router - but I reckon that's the responsibility of the user, after all the thing comes with a manual.
but the alarm is not necessary, unless one is running servers behind the router.
Ash Ock
#34 Posted : Tuesday, January 06, 2015 7:04:43 PM
Rank: Member

Joined: 8/27/2010
Posts: 495
Location: Nairobi
Quote:
You might not realize you have an Internet address that’s as well-defined as your street address. To see your own public IP address, surf to whatismyip.com. Your address will be displayed in big bold letters and will look something like this: 101.75.75.101. In most cases, this public address leads straight to your router, which as its name implies, routes all data traffic between your networked computers, tablets, smartphones, webcams, and to and from the outside world.

If someone gains control of your router, you’re in for a rough time. They can open and redirect any sort of traffic anywhere they want. The havoc they wreak can also ruin a whole lot of other people’s days with what’s relayed through your equipment.


Quote:
Most routers and many NAS devices come with well-documented default login IDs and passwords (“admin” and “password,” for instance). These devices typically have installation wizards that prompt the user to change them before the device is connected to the Internet. But for one reason or another, that step is sometimes skipped and the password is never changed. Other times, the password is updated, but at some point down the line, the user performs a hard reset. This common troubleshooting step often restores the old, weak password without the user's knowledge.

Enabling UPnP on older firmware—a step that most router manufacturers recommend, because doing so simplifies configuration—can expose connectivity to FTP and SMB servers running on the router, enabling any Internet snoop to access every file on an attached storage device. An anonymous group recently posted a list of several hundred IP addresses assigned to vulnerable Asus routers.

You can’t afford to wait for the industry to wake up. Take action now to lock down your router, your NAS device, your IP cameras, and every other device on your network that’s exposed to the Internet. Unless you want people stealing your bandwidth; your private photos, documents, and movies; and watching whatever your cameras are focused on.


Source
Sent from my Black Nokia 3310
geofreygachie
#35 Posted : Tuesday, January 06, 2015 8:29:40 PM
Rank: Member

Joined: 2/27/2014
Posts: 454
Location: Republic of Enchantment.
nakujua wrote:
madhaquer wrote:
The dns redirect exploit that Geofrey is describing is just a phishing hack. Most antivirus software can detect and block faked websites and malicious code being injected by such a site. The probability of losing information in such a case is not Zero, but a phishing hack requires more than an insecure router to work. It requires the computers and other devices to be exploitable too.

Not to sound apologetic for the isp but the user is responsible for their own security when on the Internet and ensuring that the device hosting your sensitive information is properly secured has nothing to do with the ISP.

True, I might be wrong but I don't think it's the fault of zuku in this particular instance, of course it's good practise to secure your router - but I reckon that's the responsibility of the user, after all the thing comes with a manual.
but the alarm is not necessary, unless one is running servers behind the router.

At last I got a call at around 4:30 pm and Zuku is coming to its senses now. They now understand the magnitude of the problem; it is affecting many people. If you have a Zuku router, make sure the remote login credentials are changed from factory defaults. I have thoroughly tested this for close to a year on Cisco EPC2425 and the last 2 months on Huawei Echolife fiber router. I don't intend to panic; all I want is to share the little knowledge that I have on IT.
Divers - can you laugh in scuba gear, or will you drown? I was wondering. - James May.
holycow
#36 Posted : Tuesday, January 06, 2015 8:42:50 PM
Rank: Veteran

Joined: 11/11/2006
Posts: 972
Location: Home
Yes, I did log in to many routers using the default password. Worst bit, I could actually see the computers connected to the router, I was even able to see wireless passwords. Had I wished, I would have messed around with the password. Well, I am not an IT person but I guess it's possible to play around with the ports and do whatever you want. In some of the routers, the wireless networks were not even secured.
geofreygachie
#37 Posted : Tuesday, January 06, 2015 8:44:18 PM
Rank: Member

Joined: 2/27/2014
Posts: 454
Location: Republic of Enchantment.
nakujua wrote:
holycow wrote:
This guy has a point, those on Zuku, better take him seriously. Well, I'll furnish him all the details when I get home to complete the test. So far, what he has shared with me is scary. This guy knows his stuff.

if you are not comfortable sharing the details he gave you here, just make sure you cross check the info with 1 or 2 more IT guys before committing - he might be luring you into a trap.
but if the alarm is for what he mentioned i.e. installing a keylogger or getting your email password - do not worry that will not happen through your router - you can change the credentials to feel safe. but if he is asking for more details - please keep off, unless you know him/her.

I would never ask for personal information. I am here to share knowledge with no hidden agenda.
Divers - can you laugh in scuba gear, or will you drown? I was wondering. - James May.
vky
#38 Posted : Tuesday, January 06, 2015 8:48:42 PM
Rank: Member

Joined: 6/17/2010
Posts: 572
Ash Ock wrote:
Quote:
You might not realize you have an Internet address that’s as well-defined as your street address. To see your own public IP address, surf to whatismyip.com. Your address will be displayed in big bold letters and will look something like this: 101.75.75.101. In most cases, this public address leads straight to your router, which as its name implies, routes all data traffic between your networked computers, tablets, smartphones, webcams, and to and from the outside world.

If someone gains control of your router, you’re in for a rough time. They can open and redirect any sort of traffic anywhere they want. The havoc they wreak can also ruin a whole lot of other people’s days with what’s relayed through your equipment.


Quote:
Most routers and many NAS devices come with well-documented default login IDs and passwords (“admin” and “password,” for instance). These devices typically have installation wizards that prompt the user to change them before the device is connected to the Internet. But for one reason or another, that step is sometimes skipped and the password is never changed. Other times, the password is updated, but at some point down the line, the user performs a hard reset. This common troubleshooting step often restores the old, weak password without the user's knowledge.

Enabling UPnP on older firmware—a step that most router manufacturers recommend, because doing so simplifies configuration—can expose connectivity to FTP and SMB servers running on the router, enabling any Internet snoop to access every file on an attached storage device. An anonymous group recently posted a list of several hundred IP addresses assigned to vulnerable Asus routers.

You can’t afford to wait for the industry to wake up. Take action now to lock down your router, your NAS device, your IP cameras, and every other device on your network that’s exposed to the Internet. Unless you want people stealing your bandwidth; your private photos, documents, and movies; and watching whatever your cameras are focused on.


Source


thanks for this info, just checked my router and behind it I found a sticker with the user id as admin and the password as password. Keyed this into the Zuku portal, logged on, changed the password and enabled firewall settings.
I now get @geofreygachie's concerns because when the techs came to install the connection they never advised me to log in using the default settings and change my password. All they did was tell me to key in a wifi network name and password and they left. By luck my financial and personal data haven't been compromised all that time the router was on default settings.
Zuku, fooking step up and advise customers better!
'One headache for famous medieval holy people was that someone might murder you to acquire your body parts for the relics trade'
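An added example, not part of any poster's message: the checks discussed in the thread (factory login, remote login, UPnP, firewall, open wireless) run over a router settings export. The key=value format and the key names are constructed for illustration; map them to what your own router's admin page or backup file shows.

```python
# Added example: audit a router settings export for the weaknesses discussed
# in this thread. The key=value format and key names are constructed
# (hypothetical); real routers name these settings differently.

# Well-known factory logins; ("admin", "password") is the pair named in the thread.
DEFAULT_LOGINS = {("admin", "password"), ("admin", "admin"), ("admin", "")}

SAMPLE_EXPORT = """\
# constructed sample: the state a hard reset typically restores
admin_user=admin
admin_password=password
remote_management=enabled
upnp=enabled
firewall=disabled
wifi_security=none
"""

def parse_export(text):
    """Parse key=value lines, skipping blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings

def audit(settings):
    """Return (severity, message) findings, most severe first."""
    findings = []
    login = (settings.get("admin_user", ""), settings.get("admin_password", ""))
    default_login = login in DEFAULT_LOGINS
    remote = settings.get("remote_management", "disabled").lower() == "enabled"
    if default_login and remote:
        findings.append(("critical", "factory login is accepted from the Internet side"))
    elif default_login:
        findings.append(("high", "factory login still set; change it, and again after any hard reset"))
    elif remote:
        findings.append(("medium", "remote management enabled; disable it unless needed"))
    if settings.get("upnp", "disabled").lower() == "enabled":
        findings.append(("medium", "UPnP enabled; can expose services on older firmware"))
    if settings.get("firewall", "enabled").lower() != "enabled":
        findings.append(("medium", "router firewall is off"))
    if settings.get("wifi_security", "").lower() in ("none", "open", "wep"):
        findings.append(("high", "wireless network is open or uses WEP"))
    order = {"critical": 0, "high": 1, "medium": 2}
    return sorted(findings, key=lambda f: order[f[0]])

if __name__ == "__main__":
    for severity, message in audit(parse_export(SAMPLE_EXPORT)):
        print(f"[{severity}] {message}")
```

Re-run it after any hard reset or firmware update, since both can silently restore the factory login.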
Uhondo
#39 Posted : Tuesday, January 06, 2015 9:01:57 PM
Rank: New-farer

Joined: 8/26/2014
Posts: 63
Changing default passwords is one of the basic steps that must be taken to secure a network. Zuku, if they aren't doing it, wouldn't be the first to ignore this procedure. War drivers have accessed airport lobbies (in developed countries mind you) and logged in to wireless access points using default username/password combinations. What I have realized lately is that ISPs are hiring (mostly outsourcing) poorly trained technicians to manage devices. At this point it's actually up to the users themselves to secure their devices. The Chinese aren't sleeping for your information, they actively scan and try to brute force poorly configured devices. A simple change of the default username and password is an effective countermeasure to this security risk.
geofreygachie
#40 Posted : Tuesday, January 06, 2015 9:20:07 PM
Rank: Member

Joined: 2/27/2014
Posts: 454
Location: Republic of Enchantment.
Uhondo wrote:
Changing default passwords is one of the basic steps that must be taken to secure a network. Zuku, if they aren't doing it, wouldn't be the first to ignore this procedure. War drivers have accessed airport lobbies (in developed countries mind you) and logged in to wireless access points using default username/password combinations. What I have realized lately is that ISPs are hiring (mostly outsourcing) poorly trained technicians to manage devices. At this point it's actually up to the users themselves to secure their devices. The Chinese aren't sleeping for your information, they actively scan and try to brute force poorly configured devices. A simple change of the default username and password is an effective countermeasure to this security risk.

Just visit www.shodan.io and you will be surprised to find that thousands of devices ranging from DVRs, routers, NAS are accessible with default credentials; all you need to know is the make & model and google for default username and password. Voila, you are in. Hardware manufacturers offer no bug fixes for faulty software, which tends to give hackers an easy time. If anyone needs a fix for buggy firmware, try DDWRT flavours, which are free, Linux based and very secure, and the good thing is that you use your existing hardware to implement a robust and secure network using consumer grade hardware running enterprise rated software/firmware.
Divers - can you laugh in scuba gear, or will you drown? I was wondering. - James May.