We addressed the weak DDoS amplification in 2017 based on a report to our Bug Bounty Program (https://hackerone.com/ubnt), but this article seems to be associating any and all security issues from the last and representing them as new. There is a security report related to the discovery protocol that is under investigation that in some cases can lead to the radio losing management access until a reboot. Restricting access to discovery on public-facing radios would be a good step to take until we have more info on the management + discovery bug. In v8.5.8 we added the option to limit management/discovery access by subnet/CIDR to further simplify protecting radios (router mode only).

8.3.2 (XC, WA) Changelog / September 1, 2017
New: Add support for RFC 6598 (CGN) private IP responses via Discovery

8.1.3 (XC, WA) Changelog / June 2, 2017
Use TCP protocol instead of UDP for UBNT discovery queries from Public IPs

6.0.7 (XM/XW/TI) Changelog / September 8, 2017
New: Add support for RFC 6598 (CGN) private IP responses via Discovery

6.0.4 (XM/XW/TI) Changelog / May 5, 2017
Fix: Limit discovery response to queries from private subnets or multicast/broadcast

On Tue, Feb 5, 2019 at 4:44 PM Matt Hoppes <[email protected]> wrote:

> Ubiquiti claims it can’t be used as an amplifier. I’m not sure how I
> believe them.
>
> On Feb 5, 2019, at 4:19 PM, Mathew Howard <[email protected]> wrote:
>
> Can you get lower grade WISP equipment?
>
> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett <[email protected]> wrote:
>
>> it's all relative
>>
>> On 2/5/2019 10:28 AM, Mathew Howard wrote:
>>
>> "Most affected devices are high-grade WISP equipment"
>>
>> 😂
>>
>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones <[email protected]>
>> wrote:
>>
>>> am i the only one who shuts off discovery?
>>>
>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof <[email protected]> wrote:
>>>
>>>> Is it my imagination, or does that article veer off toward the end into
>>>> stuff that may not be Ubiquiti problems at all? And from the description
>>>> of the problem, I don’t see how it would lead to radios being “defaced”,
>>>> just used as an amplifier via Ubiquiti Discovery Protocol.
>>>>
>>>> *From:* AF <[email protected]> *On Behalf Of *Jaime Solorza
>>>> *Sent:* Monday, February 4, 2019 7:00 PM
>>>> *To:* AnimalFarm Microwave Users Group <[email protected]>
>>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new
>>>> attack | ZDNet
>>>>
>>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/
>>>> --
>>>> AF mailing list
>>>> [email protected]
>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com
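
An added example, not part of the original message and not Ubiquiti's code: a Python check over flow records that flags UDP discovery queries whose source lies outside the private and RFC 6598 (CGN) ranges named in the changelog and outside an operator-supplied management CIDR list. The discovery port (UDP 10001), the record format, the function names and the sample addresses are assumptions made for this illustration.

```python
import ipaddress

# Assumption (not stated in the thread): Ubiquiti discovery uses UDP port 10001.
DISCOVERY_PORT = 10001

# RFC 1918 private ranges plus the RFC 6598 CGN range the changelog mentions.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

# Constructed flow records: "src dst proto dst_port" (documentation addresses).
SAMPLE_FLOWS = """\
192.168.1.20 255.255.255.255 udp 10001
100.64.12.7 100.64.0.1 udp 10001
198.51.100.23 203.0.113.5 udp 10001
203.0.113.77 203.0.113.5 udp 10001
198.51.100.23 203.0.113.5 tcp 443
not a flow line
"""

def source_allowed(src, mgmt_cidrs=()):
    """True if src is private, CGN, or inside an operator management CIDR."""
    addr = ipaddress.ip_address(src)
    nets = PRIVATE_NETS + [ipaddress.ip_network(c) for c in mgmt_cidrs]
    return any(addr in net for net in nets)

def local_destination(dst):
    """Multicast or limited-broadcast queries only arrive from the local link."""
    addr = ipaddress.ip_address(dst)
    return addr.is_multicast or addr == LIMITED_BROADCAST

def audit(flows, mgmt_cidrs=()):
    """Return (src, dst) for UDP discovery queries a radio should not answer."""
    findings = []
    for line in flows.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        src, dst, proto, port = parts
        if proto.lower() != "udp" or port != str(DISCOVERY_PORT):
            continue  # not a UDP discovery query
        try:
            if not (source_allowed(src, mgmt_cidrs) or local_destination(dst)):
                findings.append((src, dst))
        except ValueError:
            continue  # unparseable address
    return findings

if __name__ == "__main__":
    for src, dst in audit(SAMPLE_FLOWS, mgmt_cidrs=["203.0.113.0/24"]):
        print(f"discovery query from non-allowed source {src} to {dst}")
```

Any finding against a public-facing radio means discovery is reachable from outside the ranges the operator intends, which is the exposure the subnet/CIDR restriction is meant to close.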
