Slashdot Mirror
Compromised CCTV and NAS Devices Found Participating In DDoS Attacks (incapsula.com)
chicksdaddy writes: The parade of horribles continues on the Internet of Things, with a report from the security firm Incapsula that its researchers discovered compromised closed circuit cameras as well as home network attached storage (NAS) devices participating in denial of service attacks. The compromised machines included a CCTV at a local mall, just a couple minutes from the Incapsula headquarters.
According to the report, Incapsula discovered the infections as part of an investigation into a distributed denial of service attack on what it described as a "rarely-used asset" at a "large cloud service." The attack used a network of 900 compromised cameras to create a flood of HTTP GET requests, at a rate of around 20,000 requests per second, to try to disable the cloud-based server. The cameras were running the same operating system: embedded Linux with BusyBox, which is a collection of Unix utilities designed for resource-constrained endpoints.
The malware in question was a variant of a self-replicating program known as Lightaidra, which targets systems running BusyBox and exploits vulnerable Telnet/SSH services using so-called "brute force dictionary attacks" (aka "password guessing"). Given that many Internet connected devices simply use the default administrator credentials when deployed, calling it a "brute force" attack is probably a stretch.
According to the report, Incapsula discovered the infections as part of an investigation into a distributed denial of service attack on what it described as a "rarely-used asset" at a "large cloud service." The attack used a network of 900 compromised cameras to create a flood of HTTP GET requests, at a rate of around 20,000 requests per second, to try to disable the cloud-based server. The cameras were running the same operating system: embedded Linux with BusyBox, which is a collection of Unix utilities designed for resource-constrained endpoints.
The malware in question was a variant of a self-replicating program known as Lightaidra, which targets systems running BusyBox and exploits vulnerable Telnet/SSH services using so-called "brute force dictionary attacks" (aka "password guessing"). Given that many Internet connected devices simply use the default administrator credentials when deployed, calling it a "brute force" attack is probably a stretch.
You can burn out the motor coils in the cameras by hacking the software and over driving them?
That's why when it comes to my Internet of Things, I only trust the Genuine® Advantage©® of Certified® Microsoft©® Windows®© Internet© of© Things©® Soft®ware®.
©
Is anyone else getting annoyed at the writing style of recent Slashdot submissions ?
They are being written in a dumbed down folksy style with idiotic mannerisms designed to explain things to idiots, not the geek readership around here.
My Webcam came with an open root telnet port. Just connect to port XXXX (whatever it was, I forget) and you were automatically logged in to a root shell.
There's a reason I kept it completely firewalled from the Internet.
>> compromised machines included a CCTV at a local mall, just a couple minutes from the Incapsula headquarters
Clearly, the correct thing to do is move the HQ further away from the mall, right?
will not allow those devices to be secure. They want to use them. To use them.
A few years ago I got curious and started scanning the local subnets on my ISP for open telnet ports. Found one DVR type of device with four cameras and four hard drives running with disks 100% filled. The default logins worked and found myself at a busybox prompt. What was interesting was there was always a few others logged in from countries over seas. I managed to tftp a fragment of a video file but couldn't recognize the area. There is no reason for multiple telnet logins to a DVR box.
Only the State obtains its revenue by coercion. - Murray Rothbard
It's funny reading this today, because yesterday my smtp server was getting attacked by a Samsung DVR.
The Wikipedia of Things, where any dipshit on the internet can edit your refrigerator.
This is the phenominal article i like it very much you may check other details from this Related Link
...for opening up all those Linux boxen to the world.
It's like Windows 3.11 all over again.
I have no idea why people allow outside access to their NAS device or webcams. At a minimum, require VPN access, but ideally put them in a VLAN "jail".
Someone is going to need to get much more savvy when it comes to securing this "IoT" monster.
Yep, I blew a monitor in my early days of Linux by getting the refresh rates wrong.
From the article, it seems like the exploited cameras are IP-addressable/reachable. That does not sound like Closed Circuit TV as I think of it, with non-ethernet coax-and-like connected cameras connected to a monitoring station in a true closed circuit. I am no expert, but should we be talking about an exploit of "IP-enabled security cameras" or something like that instead?
Dear $public $relations $firm, please generate 'reports' about DDOS attacks that don't mention that vast pool of compromised Microsoft Windows desktops out there on the Internet.
'Incapsula is a cloud-based security and acceleration service that makes websites safer, faster, and more reliable'
I installed KDE 64 Sabayon Latest from USA Mirror. Inside of 3 min it was taken over.
Installed stopped to pet dog, mouse took off and opened menus. I killed the power.
admin admin
admin admin
I said admin you dumb camera!
admin admin
the Nike Air Ralston Mid nike tn requin ool Grey,makes good on the air yeezy shoes stylish design, adding a creamy grey suede upper to a white midsole, orange accents, and a sport-inspired pad-like outsole. Hit the jump for a few more looks, and hit spots like MrRSportsMiami.com for a pair today. Yesterday brought a glimpse of one of the simpler Hachi colorways wee seen to date, eschewing the standard Sting-inspired two-color (or at least two-tone) look in favor of a more uniform coloring. And as the counterpoint to that, today brings some of the more unique looks, although no less impressive. The Nike Hachi Gingham pack, designed specifically for women, each sport the air yeezy pink vintage-inspired silhouette but forgo leather in favor of a gingham textile, three different colors in total. Check out each under the cut, and look for these in Asia now, with a US release still up in the air. While a rather scarce one, the Coast Classic is nevertheless a great summer look, with a classically simple construction that lends itself to colorways both subtle and complex. In fact the latest version, the Nike Coast Classic nike Free Run SP Black/White Gingham, goes for subtle and complex on the same shoe, with black suede on the toe and heelcap sitting atop a classic vulc rubber sole,
incapsula, all the bs 'tech' companies most web is owned / run by jews, same tribe as fraud 'government' 'nsa' all of it. Know who owns you.
- thezog.info - note most comments on main page are jew trolls, mikrosht page covers up gates who's obvious jew but see all pages at right, also top of main page 'required reading' page, bottom half of list copy articles from vnn. don't waste time at vnn, also run by jews. just see pages.
http://corruptico.com/2014/09/30/jewish-bill-gates-crypto-jew-pseudo-christian/
page starts with religion bs but goes to genetic facts/racial. other pages at site have some irrelevant disinfo 'satan lucifer' jew psy ops bs. The 'jeesus' 'satan' stories bs made up by jews so idiots 'obey' and 'turn the other cheek' instead of fight back as jews take it all. The jew's controls are their phony religions and 'government'. Jews are a Race - http://web.archive.org/web/20100825152627/http://jewishfaces.com/banking.html -see all pages at top. holo fraud - https://archive.org/details/TheLeuchterReport - ingore links 'more reading' bs, they dump extra bs to waste time, there is not time, just see Leuchter report, also -
http://67.225.133.110/~gbpprorg/judicial-inc/Auschwitz.htm
http://67.225.133.110/~gbpprorg/judicial-inc/Hopie_ike.htm
http://67.225.133.110/~gbpprorg/judicial-inc/810dresden_primary.htm
http://67.225.133.110/~gbpprorg/judicial-inc/81murder_incorporated.htm
http://67.225.133.110/~gbpprorg/judicial-inc/Coure_d_Arlene.htm
http://67.225.133.110/~gbpprorg/judicial-inc/False_Flags_summary.htm
http://jewishcrimenetworkdid911.blogspot.com/
For decades they've been making lab viruses to kill other races, nordic whites, and so their race isn't affected. newworldwar.org/chemical.htm - ignore notes at bottom, skip rest of site.
holodomorinfo.com - see pages, don't waste time on videos, most all 'jew truther' sites run by them so you 'follow' and don't do anything to stop them. That's just one, every bogus 'war' has been a jew fraud, the last decade idiot ameriscums let jews kill the middle east who were trying to be free of the jew and jew isreal and they're still killing now. They keep idiots wasting time every distraction, 'tech', 'sports', 'pets', porno scum smut, bogus web articles fake 'opposition' bs. Nano chip chemtrails. 'ipv6' and 'wireless' isn't for your benefit. Mind rape, total control.
-copy this to re read, postal mail links to others, tell them to pass it on, put links on notes and hand out. You're being SPRAYED. No one's coming to 'save' you. Make your own tribes -
Idiots bought every 'tech' the 'smart' bs all the 'wireless' bs the 'ipv6' 'internet of things' is a Weapon, they have been spraying us with nano chip chemtrails, you have been far more than just 'chipped', You are now on the 'internet of things' you breath the nano chips the myriad particulate designed to self assemble into 'morgellons' fiber optics inside of you. Done. Don't bother looking it up all the bullshit sites run by them, 'morgellons' was proven in study, they pointed to one fraction similar to lyme, lyme was made in a lab same with their other weapons. It is far more than 'lyme' disease. So called ipv6 is brain rape, already test attached to the auto 'ai' kill system. Idiots get off your ass, see -fake acting - post above.
Add these with others in post above
-archive.org/details/DontTalkAboutTheWeather_451 The haze in the air is nano chips, other content- www.willthomasonline.net/Nano_Chemtrails.html - the contents far more than described, we're breathing the nano chips, other content. For 'wireless' brain surveillance and control by 'smart grid' and control of those leftover from virus kill.
They also sprayed a virus that's going to kill other races but not jews. newworldwar.org/chemical.htm - ignore notes at bottom, skip rest of site.
http://67.225.133.110/~gbpprorg/judicial-inc/Jews_and_KKK.htm
And of course this already in first post though to slam it in your Face again-
http://67.225.133.110/~gbpprorg/judicial-inc/Coure_d_Arlene.htm fake 'neo nazis'
http://balder.org/judea/Hate-Speech-Laws-Immigration-Jewish-Influence-USA.php
-mass destruction by mass immigration while jew rule and kill everyone.
The jew bullshit 'conspiracy theory' meem to distract from their tribe, idiots parroted 'wel if I'm not doin anything wrong then...' idiots, now you're being brain raped, soon to be slaughtered, that's the POINT of privacy is so you have prvacy to plan and stop those who are planning to kill you. Now you're being SPRAYED. The jews have all the resources all the weapons they don't need your useless ass anymore. They will cull race by race until none left but the jews and their chinese 'morgellons' transhuman' slaves.
Don't bother searching, you just waste time on fake 'jew truther' sites run by jews. The links I've given are the cleanest there are and even so some are jew sites that put up the info so you 'follow' and waste time. copy the info, get off the web, give links to others, put links on notes hand out to meet people. No one will do it for you, grow up, make your own tribes