AlgoRythm • User • The Register Forums

IPv6 vulnerable to fragmentation attacks that threaten core internet routers

Monday 23rd January 2017 19:20 GMT AlgoRythm

So..where is SirChurchy lately...

Shocked! Shocked I am that the ipv6 extended headers might theoretically not have been checked in any reasonable way on the wire. Calling Sir Churchy, self declared expert on all things networking and IPv6 specifically..have you discovered a good fuzzing util for enumerating extended header flaws yet. Seems like NIST is still fumbling with that rather publically:

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10142

So how is it that you can categorically dismiss all who believe that where IPv6 is concerned, both in its creation and timing, something smells...off.

Be thee a GCHQ shill, or be thee a sales weasel? Inquiring minds want to know

-Al

1 0

It's 2015 and default creds can brick SOHO routers

Wednesday 21st January 2015 17:50 GMT AlgoRythm

Re: remote admin

Actually the ISPs sending you the gear, and the big box stores providing ISP-X compatible router gear not so helpfully open the exploitable port for you. It's only point of security being that most skiddies won't know to either scan for, or what to do with, port 7547.

And there are - zero/nada/zip - firmware/fixes to close it off. New patches to ownable routers still leave the same port open with same listener. One particularly annoying router vendor has a web gui option to turn TR-069 off..and obliging displays that you checked the box...but doesn't actually turn it off.

Fix? Turn off Internet visible IP addresses completely...let something behind the router serve your public IP...heck a lot of APs (Cisco RV120 for instance) are at least securable. Alternatively...look up the details on the misfortune cookie advisory and pointedly don't buy anthing from their list of shame.

1 0

Wednesday 21st January 2015 17:42 GMT AlgoRythm

RE: In other words bears are catholic

Better title, 'This is actually a big deal, but the author didn't research it well enough to convery why'

The misfortune cookie hack is actually deeper than that...and more malicious since 99% of telco's deliberately leave that tcp TR-069 port open as a standard. To figure out the default creds used by that (VERY) obsolete (10+ yr old version of the TR-069 daemon is consistently used, despite patched releases made available by the boston company to the router manufacturers) required unpacking a firmware set and beating on the on the port with details gleaned from firmware.

On affected devices, more recent firmware just installs different wallpaper over the same tcp 7547 holes.

Best fix...stop using these crap CPE boxes for routing....put it into bridging mode (no IP at all) and let something patchable behind it do the DHCP honors.

2 0

BOOGIE BALLMER: Steve Dirty Dances at tearful Microsoft leaving do

Friday 27th September 2013 19:15 GMT AlgoRythm

Several MTX music possibilities

Mr.T Experience - Last time I listen to You

https://www.youtube.com/watch?v=AP2wc9bsCq0

They actually had a much better (very mean) so long song I was hoping to find, but this'll do.

0 0

French boffins: Regard, our record-breaking long, fat, wet pipe

Monday 22nd July 2013 13:31 GMT AlgoRythm

Unholy Switches from R'lyeh required

I can even imagine who makes switches that can pump and parse that kind of throughput (Vint's dream of switching with lenses - literally colored traffic - not really here yet). I suspect the real story here is that Alcatel has discovered Cthulu's undersea city and are using it's power to be able to route/switch at that bandwidth level.

0 0

NSA chief leaks info on data sharing tech: It's SharePoint

Saturday 20th July 2013 17:15 GMT AlgoRythm

Re: With all due respect..

Actually sharepoint seems to distribute permissions much like a Santa in a Xmas parade. The hardest/best SA efforts to secure it are brought low when inexplicable hidden sticky permissions suddenly - and without logging - grant temporary admin permissions to clueless content contributors.

I bet foreign intelligence operations had admin permissions to that host before the NSA senior managers could even smugly browse their first report.

Forget Snowden...the idiots who bought Sharepoint for the NSA and the Microsoft sales weasels who lied through their teeth about the actual auditable security level of their product should be charged for aiding and abetting the enemy. Snowden at least was on the side of the public at large, while those weasels were operating purely for the sake of their greed or laziness.

12 2

US county named 'area of outstanding natural stupidity'

Friday 13th July 2012 20:36 GMT AlgoRythm

Disagree with Assessment - Hasting NE clearly has higher density of stupidity

Town of Hastings Nebraska. Population less than 28k (and falling)

Has the honor of !2! Darwin award winners who actually nerfed their own reproductive capacity (nail hammer and bench involved in one case). It's possible that one of the towns in Kitsap County may now be aspiring to rival Hastings' glorious pinnacle of stupid, but for now it just remains a dream for them.

1 0

Security firm in Tor Project 'mass surveillance' row responds

Sunday 8th July 2012 12:55 GMT AlgoRythm

Weapons Free Gentlemen?

Looks like someone put the majority of Cyberoam's private keys in plaintext on the TOR blog.

Now THAT's full disclosure >:)

1 0

Forget internet fridges and Big Data. Where's my internet fish tank?

Tuesday 3rd July 2012 15:49 GMT AlgoRythm

Re: Redundancy

Monitoring trumped by Redundancy - 100% agree.

If I had to pick a key missing feature for high end filters, it would be toxin sensors to automatically offline themselves after long outages. 20/20 hindsight from the recent Stateside power issues here.

Basically, if a relatively dirty filter stays offline for more than 3 days and then starts up without being cleaned, the contents of the flter are likely to have gone anaerobic and pump poison into your tank water. Imagine snails in the filter all dying and rotting - and that rot being pumped in a rush right at your fish.

Worry about NICs in our high end filter later, lets get some toxin sensors so that tanks already crippled by outages don't get KO'd by filters...heck if I had to pick something I'd want in a smart filter, a little LED screen telling me oxygenation, ph and hardness would be a real perk.

-Algo

0 0

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Posts by AlgoRythm