UPnP'd: The Litany Of Ports 139 and 445

November 30, 2018 by Marc Handelman in Routerland, Blatant Stupidity

Why in the world is this still a problem. Just say no to UPnP, and move on, dammit.

Mutually Agreed Norms for Routing Security (MANRS) →

May 25, 2018 by Marc Handelman in Network Security, Networks, Routerland, Router Security

The beginning of May 2018 saw problematic internetworking operational issues revolving around the notion of robust router security (in reality, the lack thereof...). Today's Must Read comes from ISOC personnel Megan Kruse and Aftab Siddiqui, and lightly details the initiative entitled Mutually Aagreed Norms for Routing Security (MANRS). No resolution of this issue has been unequivocally accepted, but hope does spring eternal, as such, you can learn much more about MANRS here. Enjoy the Norms, and have a go with the MANRS for Network Operators document.

JHutchins' SharknAT&To →

September 05, 2017 by Marc Handelman in Routerland, Manufacturer Stupidity, Cruft, Information Security, Network Security, Hardware Flaws, Hardware Security, Must Read

Folks, gird yourselves for the truly horrifying... Read the superlative security reportage by jhutchins at NoMotion, in which, the good Hutchins details the cruft-laden, and fundamentally idiotic practice of hard-coding accounts in low-end routerland. Behold SharknAT&To, and more, much more... Today's Must Read. H/T

"When evidence of the problems described in this report were first noticed, it almost seemed hard to believe. However, for those familiar with the technical history of Arris and their careless lingering of hardcoded accounts on their products, this report will sadly come as no surprise. For everyone else, prepare to be horrified." - via NoMotions' jhutchins