FBI to America: Reboot Your Routers, Right Now

popularmechanics.com/technology/security/a20918611/vpnfilter-malware-reboot-router/

Thoughts? I don't trust the Feds for a second, but I don't see what they could gain from me rebooting my router. And even if I decide not to, it won't make it more than a week or so without crashing and needing a reboot.
Wat do Zig Forums?

Attached: 435281ce5e9ac7d0ffdac95e51121f828da213b532e3a81386f38a24c31ea3f2.jpg (720x405, 41.48K)

Other urls found in this thread:

en.wikipedia.org/wiki/Pentium_II
github.com/Sab0tag3d/SIET/
us-cert.gov/ncas/alerts/TA17-293A
blog.talosintelligence.com/2018/06/vpnfilter-update.html
archive.fo/OQEAs
twitter.com/NSFWRedditImage

vpnfilter is nothing but oracle fearmongering to sell more oracle routers.
they mention no specific exploits and give no details at all except "some public exploits exist", "some routers ship with default passwords". it's literally nothing.

install openwrt or dd-wrt or tomato on your router, whatever you can get to work that isn't the stock featureless botnet firmware that it comes with and don't use default passwords and allow remote logins from the internet and wifi and you'll be fine.

Will do, thanks user

just restarted router thx 4 tip FBI

Those projects leave the kernel comically out of date and vulnerable. You've probable been hacked by every chink in China if you run them.

use only (((approved))) firmwares

you can compile openwrt yourself.

The latest backdoor requires your router to be rebooted before giving FBI access :^)

They are fairly secure if only because those vulnerabilities likely won't affect iptables, and that's pretty much what WAN attackers will see: a big, gigantic REJECT rule of fuck you.

You think I'm gonna listen to the FBI? My router's staying on

their malware requires a manual user reboot lol
literally just modify the malware to dump what it's sending/receiving/doing
anyway this news is retarded. who actually depends on router security after 1990? everyone and their mom already breaks into routers every day. they're full of shitty 1990's web vulns, CSRF, XSS, HTTPS problems, RCE, random daemons that listen on the internet, etc

My router is a Pentium II 333 MHz with a whopping 128MB RAM I found in the garbage over 2 decades ago. It runs sekret routing software. The last time I rebooted it was some time last year. The Russians hacked that?

no the isreali's hacked that over 2 decades ago

I smell bullshit. A P2 333 came out in early 1998 and such a system with 128 MB of RAM cost a few thousands of dollars. You would most surely NOT have "found it in the garbage over 2 decades ago".

eh im pretty sure the first 1GHz machine i got was around 2000
is this some subtle trolling?

That's fine. You're going to have to reboot sooner or later. :^)

reset ;)

So what? The 333 MHz P2 still was brand new in early 1998.
en.wikipedia.org/wiki/Pentium_II
You seem to be forgetting how rapidly CPU clockspeeds were increasing between the late 90s and early 00s. And 128 MB of RAM was plenty even in 2000. What you actually might have found in the garbage in the late 90s could be a 286 with just a few megs of RAM, as any 386 and later with at least 8 MB of RAM could still be put to good use back then.

Do you seriously think that the stock firmware would be more recent? That's fucking retarded.

Yep. Those were the times - going from 300 MHz in late 1997 to 3 GHz in late 2002, a tenfold increase in clockspeed within only five years (that's about a 26% of increase EVERY SIX MONTHS).

Found the leaf

The P4 was a failure though; it had pathetic IPC. That's why they stopped the GHz battle back in 2003-2004; they used to think that CPU clock speeds could increase forever. Intel kept pushing its P4 over the max and found out that in order to reach 4ghz they would have to double both TDP and the size of their heatsinks - not to mention reaching the 10GHz goal they announced around 2001 or so. Thus, AMD had the genius idea of making dual-core CPUs that could work at stable speeds and still double the performance.

I had a 6500/250 back in '97 I maxed out to 128MB for a bit under $1/MB. Remember there had just been a major international price fixing bust against the RAM industry which we're long overdue for another one of.

Why are router CPUs so slow?
Do they really have to put only 32MB of RAM on cheap routers?

What if I want to RDP over WAN though?

That would mean the router just forwards a port to whatever machine you RDP into, which should be way less risky in the context of this thread than connecting to a service running on the router itself.

..and 52% was about the level of bloat seen in the software and system lag too oddly enough.
From using a few floppies to install an OS to needing a DVD for the job.

this, the router should be nothing more than a firewall. all computers behind the router should behave as if they are directly connected to the internet.
firewall the computers too, run RDP on the computers.

do not run critical services like a VPN, or some will even let you run Tor, or anything else directly on the router, because they do tend to run out of date even if your using dd-wrt/open-wrt/etc.

here you will see a common tactic to stop discussion of a topic (changing the subject)

...

you can still buy new routers that come with linux 2.6

why reject when you can just drop and have them wait for a timeout that may or may not come if their tools suck.

I'm running a Ubiquiti edgerouter X with non default username and password with latest firmware.

You guys think I'm safe?

This. "Fuck you" (REJECT) is silver, silence (DROP) is gold.

Stay vigilant, user. I appreciate you.

Nope

Attached: 5b1015494e61a029ad4e110e8c0d5bf9b8c757b0ac9c8a13f64d8e4ad2e65026.jpg (881x1024, 348.84K)

i just rebooted my router

Attached: tags:male2.png (720x480, 77.41K)

this has something to do with ISP firmware access on DOCISIS routers, correct?
Trust those Cisco jockeys, not because they're indian, but because they're likely to boot you off their network if your router becomes a zombie

...

...

These.

SIET -github.com/Sab0tag3d/SIET/
and
us-cert.gov/ncas/alerts/TA17-293A

not to mention they are buggy as shit and hardly any of the features actually work correctly.

hoora

blog.talosintelligence.com/2018/06/vpnfilter-update.html
archive.fo/OQEAs

do they ever explain how the malware gets on the device in the first place?

Nigger they always use a currently supported LTS.
I have a shitty router from 2008 that runs linux 4 with OpenWRT.