Comment on DOJ quietly removed Russian malware from routers in US homes and businesses
Nougat@kbin.social 8 months ago
Why is the default setting to enable remote administration?
20+ years ago I managed the installation of a high performance compute cluster purchased from IBM. Their techs did all the initial installation and setup, right down to using their well known default password of “PASSW0RD” (with a zero for the ‘I’) for all root/admin accounts…. It took less than 29 minutes for it to be compromised by an IP address in China.
At least other vendors like HP use random root/admin passwords printed on cards physically attached to new equipment…
When I used to rack and stack servers, many moons ago, we would always connect them to a switch with LAN only so we could use SSH/SCP to harden them before they got exposed. This was for .gov stuff that would get attacked instantly.
Because without it, the DOJ would have no control over you, duh
It wasn’t. Remote administration was enabled manually on these devices.
Because it was infected with malware from hostile countries.
520@kbin.social 8 months ago
Because these routers went out to everybody. Tech heads and idiots alike. It is far easier for ISPs to simply remote in than rely on the consumer who may be an idiot.
rdyoung@lemmy.world 8 months ago
This is why I run my own router. I’m sure my cable modem has a way in but then you’d have to get past my router.
520@kbin.social 8 months ago
Ditto. I went one step further and put OpenWRT on mine.
Messed up thing is, some ISPs make it an absolute bitch to make this work.
aStonedSanta@lemm.ee 8 months ago
Yup. I used to think it was malicious by the ISPs but really it’s just all the end technology is kinda A mess for them to have control of the network for you. Which I’m gonna a be honest 99.9% of customers NEED. lol
EncryptKeeper@lemmy.world 8 months ago
I can’t think of a single ISP that was using old Ubiquity EdgeOS routers as consumer routers.
520@kbin.social 8 months ago
This thing went out to SMEs too. The smaller ones often aren't much of a step up in terms of knowledge from consumers
EncryptKeeper@lemmy.world 8 months ago
Ok, once again, it’s not enabled by default. Because that’s generally not how company IT departments even remote manage these things. And the affected devices are the firewalls.
Remote administration was turned on manually, by the owners of these devices, because they didn’t know what they were doing.