Slashdot Mirror


Netgear Routers DoS UWisc Time Server

numatrix writes "For the last few months, hundreds of thousands of Netgear routers being sold had hardcoded values in their firmware for NTP synchronization, causing a major denial of service to the University of Wisconsin's network before it was filtered and eventually tracked down. Highlights how not to code embedded devices." A really excellent write-up of the incident.
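As an added illustration of the failure mode in the summary above (this is example code written for this page, not Netgear's firmware and not anything from the University of Wisconsin write-up), here is the piece an embedded NTP client most often gets wrong: what it does when the server stops answering. The naive client keeps a hardcoded server and a fixed short retry period; the well-behaved one honours Kiss-o'-Death replies and backs off exponentially. The poll bounds (64 s minimum, 1024 s ceiling), the 1-second naive retry and the constructed reply packets are assumptions for the demonstration; the page itself only says the firmware carried "hardcoded values".

```c
/* Added example, not Netgear or UW code.  Poll bounds and the 1 s naive
 * retry are assumptions; sample replies are constructed, not captured. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SNTP_PKT_LEN 48
#define POLL_MIN_S   64u     /* never query one server more often than this */
#define POLL_MAX_S   1024u   /* ceiling for exponential backoff */

enum sntp_result { SNTP_OK, SNTP_TIMEOUT, SNTP_BAD, SNTP_KOD_RATE, SNTP_KOD_DENY };

/* SNTPv4 client request: byte 0 packs LI (2 bits), VN (3 bits), Mode (3 bits).
 * LI=0, VN=4, Mode=3 (client) gives 0x23; the other fields may stay zero. */
size_t sntp_build_request(uint8_t out[SNTP_PKT_LEN]) {
    memset(out, 0, SNTP_PKT_LEN);
    out[0] = (uint8_t)((0u << 6) | (4u << 3) | 3u);
    return SNTP_PKT_LEN;
}

/* Constructed server reply for demo/tests: mode 4, given stratum, 4-byte refid. */
void sntp_make_reply(uint8_t out[SNTP_PKT_LEN], uint8_t stratum, const char refid[4]) {
    memset(out, 0, SNTP_PKT_LEN);
    out[0] = (uint8_t)((0u << 6) | (4u << 3) | 4u);   /* mode 4 = server */
    out[1] = stratum;
    memcpy(out + 12, refid, 4);
}

/* Classify a reply.  A Kiss-o'-Death packet has stratum 0 and an ASCII code
 * in the reference-identifier field (bytes 12..15).  A client that ignores
 * these is exactly the kind that keeps hammering a server. */
enum sntp_result sntp_classify(const uint8_t *pkt, size_t len) {
    if (len < SNTP_PKT_LEN || (pkt[0] & 0x07u) != 4u) return SNTP_BAD;
    if (pkt[1] != 0) return SNTP_OK;
    if (memcmp(pkt + 12, "RATE", 4) == 0) return SNTP_KOD_RATE;
    if (memcmp(pkt + 12, "DENY", 4) == 0 || memcmp(pkt + 12, "RSTR", 4) == 0)
        return SNTP_KOD_DENY;
    return SNTP_BAD;
}

struct sntp_sched {
    unsigned interval_s;   /* seconds until the next query to this server */
    int      stopped;      /* server told us to go away: never query again */
};

void sntp_sched_init(struct sntp_sched *s) {
    s->interval_s = POLL_MIN_S;
    s->stopped = 0;
}

/* Feed the outcome of the last query; returns the delay before the next one,
 * or 0 if this server must not be queried again.  Any failure or RATE doubles
 * the interval up to POLL_MAX_S.  Success keeps the current interval instead
 * of snapping back to the minimum, so one good reply after a RATE does not
 * restart the flood. */
unsigned sntp_sched_next(struct sntp_sched *s, enum sntp_result r) {
    if (s->stopped) return 0;
    switch (r) {
    case SNTP_OK:
        break;
    case SNTP_KOD_DENY:
        s->stopped = 1;
        return 0;
    default:  /* SNTP_TIMEOUT, SNTP_BAD, SNTP_KOD_RATE */
        s->interval_s = (s->interval_s >= POLL_MAX_S / 2) ? POLL_MAX_S
                                                          : s->interval_s * 2;
        break;
    }
    return s->interval_s;
}

/* Simulate a server that never answers (e.g. filtered upstream, as in the
 * story) for window_s seconds and count the queries one device sends. */
unsigned count_queries_backoff(unsigned window_s) {
    struct sntp_sched s;
    unsigned t, n = 0, next = 0;
    sntp_sched_init(&s);
    for (t = 0; t < window_s; t += next) {
        n++;
        next = sntp_sched_next(&s, SNTP_TIMEOUT);
    }
    return n;
}

/* The naive alternative: a hardcoded server and a fixed retry period. */
unsigned count_queries_fixed(unsigned window_s, unsigned retry_s) {
    unsigned t, n = 0;
    for (t = 0; t < window_s; t += retry_s) n++;
    return n;
}

int main(void) {
    uint8_t req[SNTP_PKT_LEN], reply[SNTP_PKT_LEN];
    sntp_build_request(req);
    sntp_make_reply(reply, 0, "RATE");
    printf("request byte0=0x%02x, RATE reply classified as %d\n",
           req[0], (int)sntp_classify(reply, SNTP_PKT_LEN));
    printf("one unreachable hour: fixed 1s retry = %u queries, backoff = %u queries\n",
           count_queries_fixed(3600, 1), count_queries_backoff(3600));
    return 0;
}
```

The two counters make the point of the story concrete: over one hour in which the server is unreachable, the fixed 1-second client sends 3600 queries per device while the backoff client sends 6, and a DENY reply stops the backoff client for good. Multiply the first number by hundreds of thousands of routers and the UW numbers follow. The server address is deliberately absent from this code; in a real device it belongs in mutable configuration (ideally a pool name, not a single host), never in the firmware image.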


  1. and now... by Anonymous Coward · · Score: 5, Funny

    slashdot has hard coded a link to the UWisc CS server, sending a DoS to them too

    oh, and fp.

    1. Re:and now... by TenaciousPimple · · Score: 2, Funny

      Apparently one good DoS deserves another...

  2. Obligatory Scooby Doo reference by OneIsNotPrime · · Score: 5, Funny

    And we would have gotten away too, if it weren't for those meddling kids!

    --

    ---

    WARNING:Slashdot karma not redeemable in the afterlife.

  3. Poor uWisc by mobiGeek · · Score: 4, Funny

    First the NTP flood.

    Now the /. effect.

    --

    ...Beware the IDEs of Microsoft...

    1. Re:Poor UWisc by NulDevice · · Score: 2, Funny

      You should see how the UW sysadmins drink. That explains a lot about the ranking.

      --

      ----
      "I used to listen to Null Device before they sold out."

  4. Now... by Scalli0n · · Score: 2, Funny

    SCO claims that the offending code was copied from their kernel and most definitely MUST be paid for, including a $699 license fee for all people on planet earth owning any model netgear router.

    --
    Sig & Below
    Yuck Fou

  5. I did that to myself once by eschasi · · Score: 5, Funny

    I did that to myself once. It was a piece of software that went to comp.sources.unix (or something similar) and was default-configured to send error mail to an alias that pointed to me. A patch was released very shortly afterwards.

  6. If they did it to my NTP server... by lightspawn · · Score: 5, Funny

    I'd just send the wrong time back to netgear routers. I bet they wouldn't try that again.

    1. Re:If they did it to my NTP server... by charon_on_acheron · · Score: 3, Funny

      Right. So just figure out what number represents how many seconds would add up to February 30, 2003. Basically, it would be the same value as March 2, 2003, but you have to remember to set the evil bit. That'll do it every time.

  7. Hasn't /. learned? by ndogg · · Score: 4, Funny

    It's not nice to kick someone when they're down.

    --
    // file: mice.h
    #include "frickin_lasers.h"

  8. In other news at the University... by BMonger · · Score: 4, Funny

    "Quick! Block port 80!"

  9. Delicious irony by ryanvm · · Score: 4, Funny

    I love the irony of trying to read an article about a DoS from a site that's experiencing one because of the article. Yummy.

  10. Indeed by gilesjuk · · Score: 4, Funny

    The C comments in the netgear code were a giveaway, they match those in SCOs code.

    "/* Huge Bodge */"

    "/* Kludge */"

    "/* Magic numbers are cool */"

    1. Re:Indeed by crawling_chaos · · Score: 3, Funny

      You forgot:

      /* Too drunk -- debug later */

      --
      You can only drink 30 or 40 glasses of beer a day, no matter how rich you are.
      -- Colonel Adolphus Busch

  11. blaster by briancollins · · Score: 2, Funny

    Maybe windowsupdate.com changed their DNS to point to the University of Wisconsin. :)

  12. Ouch! by MarkGriz · · Score: 3, Funny

    I'd hate to be working in Netgear's accounts payable dept. when the bandwidth usage bill arrives.

    --
    Beauty is in the eye of the beerholder.

  13. Re:Err why ? by Anonymous Coward · · Score: 1, Funny

    do you have any idea how ports and routers work?

  14. And then, on friday august 22 2003.. by 192939495969798999 · · Score: 4, Funny

    And then we got a ridiculous number of HTTP requests about the problem, which caused our server to explode and rain tiny bits of hazardous material into Lake Michigan. Fortunately, the indigenous wildlife was not affected, because nothing lives in Lake Michigan.

    --
    stuff |

    1. Re:And then, on friday august 22 2003.. by Xenoproctologist · · Score: 2, Funny

      Nothing organic, anyway. However, the hot microchip fragments could be the spark that triggers the genesis of a new race of chemo-silicon-based lifeforms.

  15. Simple Fix by Boss,+Pointy+Haired · · Score: 5, Funny

    UWisc hard codes the date/time on their time server to 2038-19-01 03:14:00.

    After 6 seconds, the netgear will crash and burn as a result of the Y2K38 problem and the requests will be no more.

  16. Re:It's not about just embedded devices... by tommck · · Score: 5, Funny

    Of course if the gravitational constant changes, we've got bigger problems than updating your high school programming assignments! :-)

    --
    ---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.

  17. Poor UWisc by EmagGeek · · Score: 5, Funny

    First the time server

    Then the e-mail server (from the helpdesk requests)

    Then the webserver (from /.)

    What next?

  18. Re:Now did NetGear get permission by mahdi13 · · Score: 2, Funny

    Check out the NTPd man pages- I believe this server is a second echelon mirror.

    Didn't you mean to say stratum?
    Unless NTP is really a cover up to a top secret government information collection service =)
    ...now that I think about it...
    Where's my tin foil hat?

    --
    "Some things have to be believed to be seen." - Ralph Hodgson
  19. Re:It's not about just embedded devices... by jeffy124 · · Score: 4, Funny

    that is indeed still the case today. This past spring I was a TA for a freshman programming course, and was instructed to deduct points for those who didn't follow such practices -- pi, hours/day, minutes/hour, etc. On exams, the prof would write "-5 - use of magic numbers."

    oh, and we laughed long and hard at the guy who put down:
    const int SIXTY = 60;
    const int TWENTY_FOUR = 24;
    --
    The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.

  20. Re:Our usage graph...You Jerks! by ClippyHater · · Score: 5, Funny

    Oh yeah?! Well, we just /.'d that one, too!

    Go ahead, give us another, I dare ya! :)

  21. What by Pvt_Waldo · · Score: 3, Funny

    Nobody figured how to blame Microsoft yet? Come on you "M$" people - get cracking!

  22. DoS by smatt-man · · Score: 2, Funny

    Sweet! I have a Netgear router, does this mean I'm a hacker now?

    --

    ---
    Lousy rotten karmic retribution.

  23. Re:How do you get the router fixed? by stratjakt · · Score: 2, Funny

    1) It's a stratum 1 server, which means it ultimately sets the clocks of millions of other machines, not netgear routers.

    2) How many people with a home router (internet savvy or not) spend all that much time reading the logs, let alone making sure the time stamps are valid?

    I know you probably do, but I don't. Because I'm just a simple caveman home networker, and your logs and timestamps frighten and confuse me.

    --
    I don't need no instructions to know how to rock!!!!

  24. hey, now... by ed.han · · Score: 2, Funny

    don't you know you're supposed to call us "insensitive clods"?

    honestly... :D

    ed

  25. Re:Our usage graph...You Jerks! by Just+Some+Guy · · Score: 4, Funny

    You really just linked to content that
    1. is dynamic and has to be generated every time?
    2. is graphic?

    ShortSpecialBus, eh? ;-)

    --
    Dewey, what part of this looks like authorities should be involved?

  26. Nah, that's not a problem by multipartmixed · · Score: 2, Funny

    > const int SIXTY = 60.2;

    The programmer would catch on pretty quick when it didn't compile. Now, if he declared it as a float, on the other hand...

    --

    Do daemons dream of electric sleep()?