Attacks on US since ive been watching... 32000+ Attacks on Canada... 4 Bryce D NETAGO
From: [email protected] [mailto:[email protected]] On Behalf Of RickG Sent: Tuesday, December 23, 2014 23:34 To: Mikrotik Users Subject: Re: [Mikrotik Users] Are Mikrotik Routers affected by this? LOL, forget The Dude - need something like this: http://ftmdaily.com/global-issues/terrorism/mind-blowing-app-reveals-global-cyberwar-in-real-time/ On Tue, Dec 23, 2014 at 12:08 PM, Justin Miller <[email protected]<mailto:[email protected]>> wrote: What does Misfortune Cookie have to do with TR-069? We began this research by surveying client-side implementations of TR-069<http://en.wikipedia.org/wiki/TR-069> (CWMP), after noticing the extreme prevalence<https://zmap.io/paper.pdf%22> of endpoints listening on the default CWMP Connection-Request port (7547), second only to HTTP (port 80) listening endpoints. Misfortune Cookie was uncovered during the examination of RomPager - the most popular recognized service on this port. Is this a problem with the TR-069 protocol specification? While the proliferation of devices managed by TR-069 is responsible for creating a very large vulnerable client population, Misfortune Cookie is not a vulnerability related to the TR-069/CWMP per se. Misfortune Cookie affects any implementation of a service using the old version of RomPager's HTTP parsing code, on port 80, 8080, 443, 7547, and others. http://mis.fortunecook.ie/ Justin Miller VA SkyWire, LLC 1707 E Main St Richmond, VA 23223 Office: (804) 521-4212 Desk: (804) 591-0500 ext 101 Fax: (804) 591-1559 [email protected]<mailto:[email protected]> On Dec 23, 2014, at 12:00 PM, Brough Turner <[email protected]<mailto:[email protected]>> wrote: No it's an issue with the RomPager embedded web server software from Allegro Software. See: http://www.prweb.com/releases/misfortunecookie/allegrosoft/prweb12409335.htm https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html MikroTik does not use this software but some models by ASUS, D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL do. Thanks, Brough Brough Turner netBlazr Inc. - Free your Broadband! Mobile: 617-285-0433 Skype: brough netBlazr Inc.<http://www.netblazr.com/> | Google+<https://plus.google.com/102447512447094746687/posts?hl=en> | Twitter<https://twitter.com/#%21/brough> | LinkedIn<http://www.linkedin.com/in/broughturner> | Facebook<http://www.facebook.com/brough.turner> | Blog<http://blogs.broughturner.com/> | Personal website<http://broughturner.com/> On Tue, Dec 23, 2014 at 11:54 AM, Justin Miller <[email protected]<mailto:[email protected]>> wrote: No it's an issue with TR-069 which is not part of RouterOS. Justin Miller VA SkyWire, LLC 1707 E Main St Richmond, VA 23223 Office: (804) 521-4212<tel:%28804%29%20521-4212> Desk: (804) 591-0500 ext 101<tel:%28804%29%20591-0500%20ext%20101> Fax: (804) 591-1559<tel:%28804%29%20591-1559> [email protected]<mailto:[email protected]> On Dec 23, 2014, at 11:25 AM, Joey Craig <[email protected]<mailto:[email protected]>> wrote: Misfortune Cookie vulnerability affects 12 million routers | CSO Online http://www.csoonline.com/article/2862378/malware-cybercrime/misfortune-cookie-vulnerability-affects-12-million-routers.html _______________________________________________ Mikrotik-users mailing list [email protected]<mailto:[email protected]> http://lists.wispa.org/mailman/listinfo/mikrotik-users _______________________________________________ Mikrotik-users mailing list [email protected]<mailto:[email protected]> http://lists.wispa.org/mailman/listinfo/mikrotik-users _______________________________________________ Mikrotik-users mailing list [email protected]<mailto:[email protected]> http://lists.wispa.org/mailman/listinfo/mikrotik-users _______________________________________________ Mikrotik-users mailing list [email protected]<mailto:[email protected]> http://lists.wispa.org/mailman/listinfo/mikrotik-users -- -RickG KyWiFi
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
