| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 105300 | 2009-11-26 11:50:00 | Understanding the new(ish) Psyb0t viruses | adslgeek (14687) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 833885 | 2009-11-26 11:50:00 | As we head into School holidays, might be a good idea to check out your DSL router security Especially if you are using: Linksys (x30 models) Netgear (x10 models) As well as about 15 other models of cable and DSL modems, as there is a new type of virus that focusses in on attacking your DSL router rather than the PC. Meaning that the router can then do and control all sorts of nasty things to you. For more info: www.adslgeek.com |
adslgeek (14687) | ||
| 833886 | 2009-11-26 11:56:00 | This was some attack logs from somedude: Quote: 2009/11/25 11:30:24 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1243 2009/11/25 11:30:24 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1243 2009/11/25 11:30:29 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1243 2009/11/25 11:30:29 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1243 2009/11/25 12:55:04 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1999 2009/11/25 12:55:04 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1999 2009/11/25 12:55:09 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1999 2009/11/25 12:55:09 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1999 2009/11/26 06:52:11 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 06:52:14 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 06:52:17 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 06:52:20 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 06:52:26 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 06:52:38 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 2009/11/26 12:09:42 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:09:45 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:09:46 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:09:51 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:09:52 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:10:02 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:10:23 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 2009/11/26 12:11:07 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 |
adslgeek (14687) | ||
| 833887 | 2009-11-26 18:34:00 | Fun times, school holidays always bring out the young'ins here too ;) Do you have a list of the routers known to be susceptible at any given time (prior to the latest firmware updates from their vendor)? I seem to remember the DD-WRT community freakin out a little back earlier this year about it... |
Chilling_Silence (9) | ||
| 833888 | 2009-11-26 22:20:00 | Wasn't the DD-WRT issue along the lines of some people leaving default SSH password and as long as it was set to something unique you were fine? | razzarphenix (2626) | ||
| 833889 | 2009-11-26 22:52:00 | Good question, though I know they make you change it by default prior to allowing you into the WebGUI now. Good practice too I think! Am running the latest Tomato here, so I'm guessing I'm safe, haven't read anything about it yet... Not to mention the outbreak happened initially in Jan this year I believe? |
Chilling_Silence (9) | ||
| 833890 | 2009-11-27 03:50:00 | Sounds like fun.... Where's the big list of vulnerable routers then? might be a good idea to check out your DSL router security What exactly are we supposed to be checking? |
Agent_24 (57) | ||
| 833891 | 2009-11-27 04:04:00 | Good question, though I know they make you change it by default prior to allowing you into the WebGUI now. Good practice too I think! Am running the latest Tomato here, so I'm guessing I'm safe, haven't read anything about it yet... Not to mention the outbreak happened initially in Jan this year I believe? Do you have a link to easy-to-follow instructions on getting the latest tomato on an Asus WL520GU? Want to be able to set it up as a wireless range extender. |
CYaBro (73) | ||
| 833892 | 2009-11-27 04:41:00 | You mean like this (www.society9.com) | razzarphenix (2626) | ||
| 833893 | 2009-11-27 04:46:00 | That's the one I used. Easy as making meat pie | bob_doe_nz (92) | ||
| 833894 | 2009-11-27 04:50:00 | You mean like this (www.society9.com) Yea I saw that one but I can't seem to follow it plus one of the links doesn't work. :confused::confused: |
CYaBro (73) | ||
| 1 2 3 | |||||