Josh,
Can you expand that?
The following is the last communication, note this started as a slowness
complaint.
Hi. I had a couple questions regarding the wireless router that you provide
with my service. Since I don't have access to the device, could you turn
off broadcasting of the SSID please? The reason for this request due to a
very damaging virus/malware that hit my home network extremely hard.gained
access to my networks through the wireless connection and my phone, which
then took out every thing else connected. The Wi-Fi that caused the issue
ended up as "OPEN" and not longer secure. Since there is such massive
distances between any of us our her I would only see that specific SSID on
days when everthing allowed to to travel just a litter bit further. And
when I did see it over the last 1.5 years, but it was always "Secured".
Anyway... the story is much longer but A. can you hide the SSID and
possibly change it to something else? This way I know it has a little extra
protection. But please let me know the the SSID. Do you by chance know of
an SSID near me of: ISPSTUFF360? It's Mac address is 00:60:ld:f1:91:be. It
came back as a Lucent Technologies device. Also.. I was not simply taken
out of service by 1 "Open" device...I was taken out by 2 ! The second one
that is also broadcasting as "Open is similar in name. . It\s SSID is
ISPSTUFF1000. I have it's mac address somewhere in the middle of all this
mess, but its the same I believe. It also resolved by MAC address to a
Lucent Technologies Devic. From what discovered from once I had a change to
finish up replacing the hard drive in my laptop, ending up with corruption
in the bios as well, replacing a drive in my Workstations as it would not
ever respond to restoration software. And so much figging time to install
everything. I had to be safe and reset my phone, my tablet pc and and my
FLAC file of over 119gb of my entire music collection. Not to. I still dont
feel comfortable given how destructive it was. I immediately had to spend
our upon hour callng banks, and Website, and anyting that I accessed online
to change my logins and passwords.. It even appears to have left it's mark
on the Direct TV DVR as well. So I have already spent more $ than I had to
spare but I most definately dont trust any of the devices anylonger.
Especially since the 2 devices are still broadcasting as I send this. Kevin
On Sun, Apr 10, 2016 at 3:59 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> FYI antimalware/antivirus and adblock are the newest attack vectors. :)
>
> Pretty easy way to get persistent malware on machines now.
> On Apr 10, 2016 3:57 PM, "That One Guy /sarcasm" <
> thatoneguyst...@gmail.com> wrote:
>
>> Im a worst case scenario artist. My concern is the customer will talk to
>> our customer service, theyll tell him we will replace his router. He will
>> bring it in, get a replacement. Its been "infected" and will hit our
>> Achilles heel. Customer service will drop it in the returns bin. It will
>> get taken abk and connected to the machine thats used to dump the file, it
>> will "infect" that machine, that machine will infect the Customer service
>> network. A tech will pick up the router and install it at another POP.
>> infecting that POP. he will also bring his laptop back and connect it to my
>> network. My machine has no real antimalware and he will infect it across
>> that network. My machine has all the keys to the castle.
>>
>> the reality is they guy probably had slow wifi in his detached garage
>> 1500 feet from his house, and his buddy mike said he must be infected with
>> some really nasty virus because his portable version of AVG from 2010 cant
>> find it so it must be direct from anonymous.
>>
>> On Sun, Apr 10, 2016 at 3:37 PM, Josh Reynolds <j...@kyneticwifi.com>
>> wrote:
>>
>>> Cross platform malware is a Thing now, and has been for several years.
>>> It's fortunately not very prevalent yet.
>>> On Apr 10, 2016 3:36 PM, "Bill Prince" <part15...@gmail.com> wrote:
>>>
>>>> I don't believe it.
>>>>
>>>> We have a friend that comes to some outrageous conclusions with scant
>>>> information, and practically zero technical knowledge. Yet when he explains
>>>> something, he sounds perfectly reasonable with impeccable logic. It just
>>>> never is.
>>>>
>>>> bp
>>>> <part15sbs{at}gmail{dot}com>
>>>>
>>>>
>>>> On 4/10/2016 1:29 PM, That One Guy /sarcasm wrote:
>>>>
>>>> So we have this customer who experienced a ferocious malware, still
>>>> waiting on more details from the customer, its very interesting because it
>>>> crossed multiple platforms. multiple cell phones, a satellite DVR, a PC
>>>> etc. Im not sure how he verified infection, but he did have to factory his
>>>> phones, his PC he said required a hard drive replacement (not sure what or
>>>> who decided this) not sure how the satellite DVR was mitigated. He thinks
>>>> it came from a Rise Broadband (formerly Prairie Inet ESSID (I doubt this,
>>>> the ESSIDs prairie inet ran were open, with other security for the access)
>>>> With it being as cross platform as it was im wondering how i would
>>>> check the air router we provide to see if it got hit as well. All we do is
>>>> a dump file on the current firmware that sets a password, ensures 443 is
>>>> open, sets a DMZ to an IP out of the DHCP scope, and we manually set the
>>>> ESSID with WPA2, the key being the MAC on the label ( it think this is the
>>>> WLAN) (we disable snmp, telnet, but leave ssh open), we also turn off CDP
>>>> and the ubnt discovery
>>>>
>>>>
>>>> Im hoping he has some good info on what this actually was, and its not
>>>> just a case of his buddy jim telling him all this.
>>>>
>>>> Anybody know of something in the wild capable of hitting all these
>>>> devices across a network (wired/wireless)
>>>>
>>>> Im asking about the airrrouter in particular, considering if it were
>>>> impacted, that could be a mess at the POP since most customer NAT are in
>>>> the same subnet, with duplicate configs
>>>>
>>>> --
>>>> If you only see yourself as part of the team but you don't see your
>>>> team as part of yourself you have already failed as part of the team.
>>>>
>>>>
>>>>
>>
>>
>> --
>> If you only see yourself as part of the team but you don't see your team
>> as part of yourself you have already failed as part of the team.
>>
>
--
If you only see yourself as part of the team but you don't see your team as
part of yourself you have already failed as part of the team.
