Re: [AFMUG] ubnt malware

t;> >>>>>>> - >>>>>>> Mike Hammett >>>>>>> Intelligent Computing Solutions <http://www.ics-il.com/> >>>>>>> <https://www.facebook.com/ICSIL> >>>>>>> <https://plus.google.com/+Intelli

Re: [AFMUG] ubnt malware

gt;>>>>>>>>>>> >>>>>>>>>>>>>>> On Tue, May 17, 2016 at 11:17 AM, That One Guy /sarcasm < >>>>>>>>>>>>>>> <thatoneguyst...@gmail.com>thatoneguyst...@gmail.com> wrote: >>>>

Re: [AFMUG] ubnt malware

t Internet Exchange <http://www.midwest-ix.com/> >>>>> <https://www.facebook.com/mdwestix> >>>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>>>> <https://twitter.com/mdwestix> >>>>> The Br

Re: [AFMUG] ubnt malware

sp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> -- >> *From: *"Josh Reynolds" <j...@kyneticwifi.com> >> *To: *af@afmug.c

Re: [AFMUG] ubnt malware

P <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ---------- > *From: *"Josh Reynolds" <j...@kyneticwifi.com> > *To: *af@afmug.c

Re: [AFMUG] ubnt malware

.com> To: af@afmug.com Sent: Tuesday, May 17, 2016 6:18:42 PM Subject: Re: [AFMUG] ubnt malware That only clears out the current monitoring session AFAIK, it doesn't remove entries from previous aircontrol or aircontrol2 server instances. I created a script to do this previously that took a f

Re: [AFMUG] ubnt malware

>> else. I >>>>>>>>>>>>> installed the local beta of the new CRM thing and It seems like >>>>>>>>>>>>> it barely >>>>>>>>>>>>> does anything by comparison. If you go the the for

Re: [AFMUG] ubnt malware

gt;>>>>>>>>>> installed the local beta of the new CRM thing and It seems like >>>>>>>>>>>>> it barely >>>>>>>>>>>>> does anything by comparison. If you go the the forums and find >>>>>

Re: [AFMUG] ubnt malware

the forums and find the >>>>>>>>>>>> AC2 beta >>>>>>>>>>>> forum, the first sticky post is the latest version. >>>>>>>>>>>> >>>>>>>>>>>> -Ty >>>>&

Re: [AFMUG] ubnt malware

gt;>>>>> >>>>>>>>>>> -Ty >>>>>>>>>>> >>>>>>>>>>> On Tue, May 17, 2016 at 11:07 AM, That One Guy /sarcasm < >>>>>>>>>>> thatoneguyst...@gmail.com

Re: [AFMUG] ubnt malware

gt;>>>>>> (preferably with error checking) assuming that AC2 doesnt do it I >>>>>>>>>>> would >>>>>>>>>>> sure appreciate some pointers (that dont assume I am a script >>>>>>>>>>&

Re: [AFMUG] ubnt malware

gt;>>>> thatoneguyst...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> We need to do some mass password changes and verification of the >>>>>>>>>> firmware, I assume this AC2 does this, can somebody point me to the >>>>>

Re: [AFMUG] ubnt malware

gt; firmware, I assume this AC2 does this, can somebody point me to the >>>>>>>>> most >>>>>>>>> current iteration of this? We do have the beta access. Im just >>>>>>>>> fearful of >>>>>>>>> wandering too much

Re: [AFMUG] ubnt malware

t; wandering too much on the forum looking. >>>>>>>> >>>>>>>> Will AC2 let me add configurations en mass? I need to change and >>>>>>>> add some settings, if there is a fairly simple way of doing this >>>>>>>

Re: [AFMUG] ubnt malware

(preferably >>>>>>> with error checking) assuming that AC2 doesnt do it I would sure >>>>>>> appreciate >>>>>>> some pointers (that dont assume I am a script magician) >>>>>>> >>>>>&g

Re: [AFMUG] ubnt malware

nt assume I am a script magician) >>>>>> >>>>>> On Tue, May 17, 2016 at 10:56 AM, Josh Reynolds <j...@kyneticwifi.com >>>>>> > wrote: >>>>>> >>>>>>> You want a toe? I can get you

Re: [AFMUG] ubnt malware

>>> You want a toe? I can get you a toe, believe me. There are ways, >>>>>> Dude. You don't wanna know about it, believe me. >>>>>> >>>>>> Hell, I can get you a toe by 3 o'clock this afternoon... with nail >>>

Re: [AFMUG] ubnt malware

gt;>>>>>> >>>>>>>>> wow, port 19081 turns out to be pretty popular >>>>>>>>> one im cleaning up now has a child connection active in it since i >>>>>>>>> logged in, im curious what its doing >>>>>>>>> >

Re: [AFMUG] ubnt malware

k this afternoon... with nail >>>> polish. >>>> On May 17, 2016 9:43 AM, "CBB - Jay Fuller" <par...@cyberbroadband.net> >>>> wrote: >>>> >>>>> >>>>> I WILL SEND YOU A BILL!!! (FOR YOUR HATE

Re: [AFMUG] ubnt malware

you a toe by 3 o'clock this afternoon... with nail >>> polish. >>> On May 17, 2016 9:43 AM, "CBB - Jay Fuller" <par...@cyberbroadband.net> >>> wrote: >>> >>>> >>>> I WILL SEND YOU A BILL!!! (FOR YOUR HATE))) >>>> &

Re: [AFMUG] ubnt malware

gt;>> >>> >>> - Original Message - >>> *From:* Ty Featherling <tyfeatherl...@gmail.com> >>> *To:* af@afmug.com >>> *Sent:* Tuesday, May 17, 2016 8:29 AM >>> *Subject:* Re: [AFMUG] ubnt malware >>> >>> We'

Re: [AFMUG] ubnt malware

rbroadband.net> > wrote: > >> >> I WILL SEND YOU A BILL!!! (FOR YOUR HATE))) >> >> hah >> >> >> >> - Original Message - >> *From:* Ty Featherling <tyfeatherl...@gmail.com> >> *To:* af@afmug.com >> *Sent:* Tuesd

Re: [AFMUG] ubnt malware

I WILL SEND YOU A BILL!!! (FOR YOUR HATE))) > > hah > > > > - Original Message - > *From:* Ty Featherling <tyfeatherl...@gmail.com> > *To:* af@afmug.com > *Sent:* Tuesday, May 17, 2016 8:29 AM > *Subject:* Re: [AFMUG] ubnt malware > > We're

Re: [AFMUG] ubnt malware

I WILL SEND YOU A BILL!!! (FOR YOUR HATE))) hah - Original Message - From: Ty Featherling To: af@afmug.com Sent: Tuesday, May 17, 2016 8:29 AM Subject: Re: [AFMUG] ubnt malware We're the hatiest! Our hate is refined though, and surgically applied. The forums are more

Re: [AFMUG] ubnt malware

nternet Exchange <http://www.midwest-ix.com/> >>>>> <https://www.facebook.com/mdwestix> >>>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>>>> <https://twitter.com/mdwestix> >>>>> The Brothers WISP <

Re: [AFMUG] ubnt malware

: higher quality hate > > *From:* Ty Featherling <tyfeatherl...@gmail.com> > *Sent:* Tuesday, May 17, 2016 7:21 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] ubnt malware > > When Steve comes back from somewhere complaining of too much hate, you > know that place is a he

Re: [AFMUG] ubnt malware

higher quality hate *From:* Ty Featherling <mailto:tyfeatherl...@gmail.com> *Sent:* Tuesday, May 17, 2016 7:21 AM *To:* af@afmug.com <mailto:af@afmug.com> *Subject:* Re: [AFMUG] ubnt malware When Steve comes back from somewhere complaining of too much hate, you know that place is a h

Re: [AFMUG] ubnt malware

@afmug.com> Sent: Monday, May 16, 2016 9:16:40 PM Subject: Re: [AFMUG] ubnt malware If you have firewall rules at the edge of the network blocking the management ports ti the airrouters that are on public IPs, they're probably fine. We still have some radios that ar

Re: [AFMUG] ubnt malware

s> >>>>> <https://twitter.com/ICSIL> >>>>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>>>> <https://www.facebook.com/mdwestix> >>>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>

Re: [AFMUG] ubnt malware

t;>>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>>> <https://www.facebook.com/mdwestix> >>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>>> <https://twitter.com/mdwestix> >>>> The Br

Re: [AFMUG] ubnt malware

>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> -- >>> *From: *"Mathew Howard" <mhoward...@gmail.com> >>> *To

Re: [AFMUG] ubnt malware

p> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> -- >> *From: *"Mathew Howard" <mhoward...@gmail.com> >> *To: *"af" <af@afmug.com> >> *Sent: *Monday, May 16, 2016 9:1

Re: [AFMUG] ubnt malware

/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ---------- > *From: *"Mathew Howard" <mhoward...@gmail.com> > *To: *"af" <af@afmug.com> > *Sent: *Monday, May 16

Re: [AFMUG] ubnt malware

don't think i've come across that - - except maybe the http port was changed? perhaps hammett can chime in, i think he's read all 30 pages too lol - Original Message - From: TJ Trout To: af@afmug.com Sent: Monday, May 16, 2016 9:13 PM Subject: Re: [AFMUG] ubnt malware

Re: [AFMUG] ubnt malware

.com> To: af@afmug.com Sent: Monday, May 16, 2016 9:50:22 PM Subject: Re: [AFMUG] ubnt malware As i understand it, if the jar tools works, the device had not been fully compromised yet? or it was scanning the rest of the network during the timeframe mentioned? Ive found two, cleaned th

Re: [AFMUG] ubnt malware

m/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>&

Re: [AFMUG] ubnt malware

others WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > -------------- > *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> > *To

Re: [AFMUG] ubnt malware

afmug.com> Sent: Monday, May 16, 2016 9:16:40 PM Subject: Re: [AFMUG] ubnt malware If you have firewall rules at the edge of the network blocking the management ports ti the airrouters that are on public IPs, they're probably fine. We still have some radios that are on old firmware,

Re: [AFMUG] ubnt malware

thers WISP From: "Josh Reynolds" < j...@kyneticwifi.com > To: af@afmug.com Sent: Monday, May 16, 2016 8:30:12 PM Subject: Re: [AFMUG] ubnt malware It's self replicating. They patched this long ago. It hits people with radios on public IPs. On May 16, 2016 8:19 PM,

Re: [AFMUG] ubnt malware

had gone default) >> >> >> - Original Message - >> *From:* That One Guy /sarcasm <thatoneguyst...@gmail.com> >> *To:* af@afmug.com >> *Sent:* Monday, May 16, 2016 8:41 PM >> *Subject:* Re: [AFMUG] ubnt malware >> >> yeah, tha

Re: [AFMUG] ubnt malware

al Message - >>> *From:* Josh Reynolds <j...@kyneticwifi.com> >>> *To:* af@afmug.com >>> *Sent:* Monday, May 16, 2016 8:56 PM >>> *Subject:* Re: [AFMUG] ubnt malware >>> >>> There's a huge like 27 page forum thread on it.

Re: [AFMUG] ubnt malware

If you have firewall rules at the edge of the network blocking the management ports ti the airrouters that are on public IPs, they're probably fine. We still have some radios that are on old firmware, but I haven't been able to find anything on our network that's infected. Fortunately, when I

Re: [AFMUG] ubnt malware

> *To:* af@afmug.com >> *Sent:* Monday, May 16, 2016 8:56 PM >> *Subject:* Re: [AFMUG] ubnt malware >> >> There's a huge like 27 page forum thread on it. >> On May 16, 2016 8:38 PM, "That One Guy /sarcasm" < >> thatoneguyst...@gmail.com> wrote: &

Re: [AFMUG] ubnt malware

ds <j...@kyneticwifi.com> > *To:* af@afmug.com > *Sent:* Monday, May 16, 2016 8:56 PM > *Subject:* Re: [AFMUG] ubnt malware > > There's a huge like 27 page forum thread on it. > On May 16, 2016 8:38 PM, "That One Guy /sarcasm" < > thatoneguyst...@gmail.com> wrote:

Re: [AFMUG] ubnt malware

t; *From:* That One Guy /sarcasm <thatoneguyst...@gmail.com> > *To:* af@afmug.com > *Sent:* Monday, May 16, 2016 8:41 PM > *Subject:* Re: [AFMUG] ubnt malware > > yeah, thats amazing me, one fella was complaining about how much of a > problem it would be to take a unit offli

Re: [AFMUG] ubnt malware

Yup. Spent 3 hours reading it all last night - Original Message - From: Josh Reynolds To: af@afmug.com Sent: Monday, May 16, 2016 8:56 PM Subject: Re: [AFMUG] ubnt malware There's a huge like 27 page forum thread on it. On May 16, 2016 8:38 PM, "That On

Re: [AFMUG] ubnt malware

e > because you haven't accepted the TOS on the radios (which had gone default) > > > - Original Message - > *From:* That One Guy /sarcasm <thatoneguyst...@gmail.com> > *To:* af@afmug.com > *Sent:* Monday, May 16, 2016 8:41 PM > *Subject:* Re: [AFMUG] ubnt

Re: [AFMUG] ubnt malware

@afmug.com Sent: Monday, May 16, 2016 8:41 PM Subject: Re: [AFMUG] ubnt malware yeah, thats amazing me, one fella was complaining about how much of a problem it would be to take a unit offline to get on a bench. I would think if things are that bad that your network is progressively shutting

Re: [AFMUG] ubnt malware

dwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.yo

Re: [AFMUG] ubnt malware

18 hours, try login username mother with password of f*cker... yah. that's original. - Original Message - From: That One Guy /sarcasm To: af@afmug.com Sent: Monday, May 16, 2016 8:37 PM Subject: Re: [AFMUG] ubnt malware are we talking can see layer two, can see via

Re: [AFMUG] ubnt malware

yeah, thats amazing me, one fella was complaining about how much of a problem it would be to take a unit offline to get on a bench. I would think if things are that bad that your network is progressively shutting down, convenience would be the least of your concerns. I have to investigate a

Re: [AFMUG] ubnt malware

hannel/UCXSdfxQv7SpoRQYNyLwntZg> > -------------- > *From: *"Josh Reynolds" <j...@kyneticwifi.com> > *To: *af@afmug.com > *Sent: *Monday, May 16, 2016 8:30:12 PM > *Subject: *Re: [AFMUG] ubnt malware > > > It's self replicating. They pat

Re: [AFMUG] ubnt malware

Or threatening to sue because of their own personal ignorance and negligence. On May 16, 2016 8:32 PM, "Mike Hammett" wrote: > A good amount of it is just people that don't know any better making false > observations. > > > > - > Mike Hammett > Intelligent Computing

Re: [AFMUG] ubnt malware

A good amount of it is just people that don't know any better making false observations. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "That One Guy /sarcasm" To:

Re: [AFMUG] ubnt malware

: Monday, May 16, 2016 8:30:12 PM Subject: Re: [AFMUG] ubnt malware It's self replicating. They patched this long ago. It hits people with radios on public IPs. On May 16, 2016 8:19 PM, "That One Guy /sarcasm" < thatoneguyst...@gmail.com > wrote: >From what im reading in

Re: [AFMUG] ubnt malware

It's self replicating. They patched this long ago. It hits people with radios on public IPs. On May 16, 2016 8:19 PM, "That One Guy /sarcasm" wrote: > From what im reading in their forums something set off over the weekend? > or is it ubnt douche nozzles? > > It sounds