So I need Canadian IP space... ;-)
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com ----- Original Message ----- From: "Bryce Duchcherer" <[email protected]> To: "Mikrotik Users" <[email protected]> Sent: Wednesday, December 24, 2014 12:33:59 PM Subject: Re: [Mikrotik Users] Are Mikrotik Routers affected by this? Attacks on US since ive been watching… 32000+ Attacks on Canada… 4 Bryce D NETAGO From: [email protected] [mailto:[email protected]] On Behalf Of RickG Sent: Tuesday, December 23, 2014 23:34 To: Mikrotik Users Subject: Re: [Mikrotik Users] Are Mikrotik Routers affected by this? LOL, forget The Dude - need something like this: http://ftmdaily.com/global-issues/terrorism/mind-blowing-app-reveals-global-cyberwar-in-real-time/ On Tue, Dec 23, 2014 at 12:08 PM, Justin Miller < [email protected] > wrote: What does Misfortune Cookie have to do with TR-069? We began this research by surveying client-side implementations of TR-069 (CWMP), after noticing the extreme prevalence of endpoints listening on the default CWMP Connection-Request port (7547), second only to HTTP (port 80) listening endpoints. Misfortune Cookie was uncovered during the examination of RomPager - the most popular recognized service on this port. Is this a problem with the TR-069 protocol specification? While the proliferation of devices managed by TR-069 is responsible for creating a very large vulnerable client population, Misfortune Cookie is not a vulnerability related to the TR-069/CWMP per se. Misfortune Cookie affects any implementation of a service using the old version of RomPager’s HTTP parsing code, on port 80, 8080, 443, 7547, and others. http://mis.fortunecook.ie/ Justin Miller VA SkyWire, LLC 1707 E Main St Richmond, VA 23223 Office: (804) 521-4212 Desk: (804) 591-0500 ext 101 Fax: (804) 591-1559 [email protected] <blockquote> On Dec 23, 2014, at 12:00 PM, Brough Turner < [email protected] > wrote: No it's an issue with the RomPager embedded web server software from Allegro Software. See: http://www.prweb.com/releases/misfortunecookie/allegrosoft/prweb12409335.htm https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html MikroTik does not use this software but some models by ASUS, D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL do. Thanks, Brough Brough Turner netBlazr Inc. – Free your Broadband! Mobile: 617-285-0433 Skype: brough netBlazr Inc. | Google+ | Twitter | LinkedIn | Facebook | Blog | Personal website On Tue, Dec 23, 2014 at 11:54 AM, Justin Miller < [email protected] > wrote: <blockquote> No it’s an issue with TR-069 which is not part of RouterOS. Justin Miller VA SkyWire, LLC 1707 E Main St Richmond, VA 23223 Office: (804) 521-4212 Desk: (804) 591-0500 ext 101 Fax: (804) 591-1559 [email protected] <blockquote> On Dec 23, 2014, at 11:25 AM, Joey Craig < [email protected] > wrote: Misfortune Cookie vulnerability affects 12 million routers | CSO Online http://www.csoonline.com/article/2862378/malware-cybercrime/misfortune-cookie-vulnerability-affects-12-million-routers.html _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users </blockquote> _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users </blockquote> _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users </blockquote> -- -RickG KyWiFi _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
