by DanMcInerney on 4/18/14, 11:33 AM with 78 comments
by bradleyland on 4/18/14, 2:36 PM
I'm trying to avoid sounding like Chicken Little here, but this article makes these actions very accessible. If you're someone who is just getting started toying with networks and security, it's likely that you haven't thought through what can happen if something you try actually works.
Nmap has a great page that discusses the ins-and-outs of the civil and legal issues involved with port scanning (a related activity). However, keep in mind that the guide linked here goes well beyond port scanning into actually attempting, and presumably gaining, access to someone else's network. While the legality of port scanning is ambiguous, accessing someone else's network is not. If you land on the wrong guy's lawn, you can end up in a very expensive, and potentially dangerous place.
by hf on 4/18/14, 1:38 PM
I am reminded of Steve Kemp's 2014 post »Secure your rsync shares, please«[0], relating how he abandoned a project employing zmap[1] upon discovering numerous openly accessible rsync shares containing sensitive information. His closing remarks echo the sentiment of the article under discussion here: "I considered not posting this, but I suspect 'bad people' already know..,"[0]
What can be done? Are we reduced to just securing our friends' and families' infrastructure, all the while standing by idly while others outside of our direct sphere of influence suffer the consequences of naïvety?
[0] http://blog.steve.org.uk/secure_your_rsync_shares__please_.h...
[1] A cleverly-built, fast network scanner, https://zmap.io/
[2] http://danmcinerney.org/how-to-exploit-home-routers-for-anon...
by user24 on 4/18/14, 1:13 PM
Perhaps a mod can update the URL.
by bluedino on 4/18/14, 1:04 PM
I wonder how many botnets use this technique instead of randomly scanning, whether it's their own implementation/database or using a service such as this. Also an interesting business model, "I've got the addresses of 10,000 XYZ routers, model 1234, for $50.00"
by noonespecial on 4/18/14, 9:41 PM
If you take over a single router, a provider does indeed have logs of both the inbound you used to reach the router, and the outbound traffic you create from it. Simple timing logging will show it's you and if it's "their" router, they'll (at least theoretically) be able to decrypt your traffic too. (And that's assuming it wasn't a great big tasty honey-pot to begin with, pooh-bear.)
If you must do this, bounce between a few... and if you must do this, just use Tor already.
by kordless on 4/18/14, 2:31 PM
1. I have a right to read or write public information in an anonymous way.
2. I have a right to prevent you from reading or writing MY private information in an anonymous way, even if the intent is to obtain the right to exercise #1 in the process.
3. Using someone else's infrastructure/compute/power to enable #1 without breaking #2 requires you pay for it. I would also propose my private information is available at a price.
Expecting the right to anonymity by removing the rights of others in the process places an individual in cognitive dissonance. It's not a good place to be.
With the advent of cryptocurrencies, we're finally in a place someone can pay me to use a portion of my infrastructure for enabling their anonymity. I'm willing to contribute to the cause as long as it's worth my while.
by dtwwtd on 4/18/14, 2:59 PM
http://defcon.org/html/links/dc-archives/dc-19-archive.html#...
by timtadh on 4/18/14, 3:10 PM
by bananas on 4/19/14, 10:08 AM
http://www.nickkusters.com/Services/Thomson-SpeedTouch
Yes - default WiFi passwords for a big chunk of the routers in Europe are pretty easy to calculate.
by jonaldomo on 4/18/14, 2:05 PM
by dfa0 on 4/18/14, 1:46 PM
I'm still amazed by how many people drive around leaving their cars unlocked.
by abus on 4/18/14, 1:47 PM
by MrClean on 4/18/14, 1:26 PM
by notastartup on 4/18/14, 5:13 PM