im not finding any air routers or reading anything about airrouters getting hit, maybe this is limited to radios.
But there is something definetly active, the logs in the air routers are getting hammered with access attempts, even more than normal. this 5.65 will probably have a log bug that causes an overflow dump or something like that On Mon, May 16, 2016 at 8:56 PM, CBB - Jay Fuller <par...@cyberbroadband.net > wrote: > > the latest reports i've been reading is with the radio resetting to > defaults, ssid becomes ubnt, and a radio on newer firmware won't associate > because you haven't accepted the TOS on the radios (which had gone default) > > > ----- Original Message ----- > *From:* That One Guy /sarcasm <thatoneguyst...@gmail.com> > *To:* af@afmug.com > *Sent:* Monday, May 16, 2016 8:41 PM > *Subject:* Re: [AFMUG] ubnt malware > > yeah, thats amazing me, one fella was complaining about how much of a > problem it would be to take a unit offline to get on a bench. I would think > if things are that bad that your network is progressively shutting down, > convenience would be the least of your concerns. > > I have to investigate a couple anomalies on the network, in the back of my > mind Im hoping the air routers have been hit to put a nail in their coffins > so we cam go with mikrotiks as the CPE router instead > > On Mon, May 16, 2016 at 8:33 PM, Josh Reynolds <j...@kyneticwifi.com> > wrote: > >> Or threatening to sue because of their own personal ignorance and >> negligence. >> On May 16, 2016 8:32 PM, "Mike Hammett" <af...@ics-il.net> wrote: >> >>> A good amount of it is just people that don't know any better making >>> false observations. >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> ------------------------------ >>> *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>> *To: *af@afmug.com >>> *Sent: *Monday, May 16, 2016 8:19:00 PM >>> *Subject: *[AFMUG] ubnt malware >>> >>> From what im reading in their forums something set off over the weekend? >>> or is it ubnt douche nozzles? >>> >>> It sounds almost as if this malware is actively being manipulated >>> (changing from key access to foul username/password, wandering control >>> ports, etc, like script kiddies found a new toy? >>> >>> is this thing self propagating from the device? >>> >>> -- >>> If you only see yourself as part of the team but you don't see your team >>> as part of yourself you have already failed as part of the team. >>> >>> > > > -- > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
