True! but that hasn't happened yet, and it still shouldn't get beyond that customer's radio.
On Mon, May 16, 2016 at 9:35 PM, Mike Hammett <af...@ics-il.net> wrote: > Until it gets delivered via Flash or Java or something else... ;-) > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > *From: *"Mathew Howard" <mhoward...@gmail.com> > *To: *"af" <af@afmug.com> > *Sent: *Monday, May 16, 2016 9:16:40 PM > *Subject: *Re: [AFMUG] ubnt malware > > If you have firewall rules at the edge of the network blocking the > management ports ti the airrouters that are on public IPs, they're probably > fine. We still have some radios that are on old firmware, but I haven't > been able to find anything on our network that's infected. Fortunately, > when I was setting up the firewall rules to block access to the CPEs from > outside our network, I decided it was desirable to block customers from > being able to get to other customers radios as well... which should break > the self replicating part of this thing, so even if it does somehow get > into our network, it shouldn't be able to get far. > > That said, I'm updating everything that isn't on at least 5.6.2 right > away. > On May 16, 2016 8:41 PM, "That One Guy /sarcasm" < > thatoneguyst...@gmail.com> wrote: > > yeah, thats amazing me, one fella was complaining about how much of a > problem it would be to take a unit offline to get on a bench. I would think > if things are that bad that your network is progressively shutting down, > convenience would be the least of your concerns. > > I have to investigate a couple anomalies on the network, in the back of my > mind Im hoping the air routers have been hit to put a nail in their coffins > so we cam go with mikrotiks as the CPE router instead > > On Mon, May 16, 2016 at 8:33 PM, Josh Reynolds <j...@kyneticwifi.com> > wrote: > >> Or threatening to sue because of their own personal ignorance and >> negligence. >> On May 16, 2016 8:32 PM, "Mike Hammett" <af...@ics-il.net> wrote: >> >>> A good amount of it is just people that don't know any better making >>> false observations. >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> ------------------------------ >>> *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>> *To: *af@afmug.com >>> *Sent: *Monday, May 16, 2016 8:19:00 PM >>> *Subject: *[AFMUG] ubnt malware >>> >>> From what im reading in their forums something set off over the weekend? >>> or is it ubnt douche nozzles? >>> >>> It sounds almost as if this malware is actively being manipulated >>> (changing from key access to foul username/password, wandering control >>> ports, etc, like script kiddies found a new toy? >>> >>> is this thing self propagating from the device? >>> >>> -- >>> If you only see yourself as part of the team but you don't see your team >>> as part of yourself you have already failed as part of the team. >>> >>> > > > -- > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. > > >