I don't believe it.
We have a friend that comes to some outrageous conclusions with scant
information, and practically zero technical knowledge. Yet when he
explains something, he sounds perfectly reasonable with impeccable
logic. It just never is.
bp
<part15sbs{at}gmail{dot}com>
On 4/10/2016 1:29 PM, That One Guy /sarcasm wrote:
So we have this customer who experienced a ferocious malware, still
waiting on more details from the customer. It's very interesting
because it crossed multiple platforms: multiple cell phones, a
satellite DVR, a PC, etc. I'm not sure how he verified infection, but he
did have to factory his phones, his PC he said required a hard drive
replacement (not sure what or who decided this), not sure how the
satellite DVR was mitigated. He thinks it came from a Rise Broadband
(formerly Prairie Inet) ESSID (I doubt this; the ESSIDs Prairie Inet
ran were open, with other security for the access).
With it being as cross-platform as it was, I'm wondering how I would
check the AirRouter we provide to see if it got hit as well. All we
do is a dump file on the current firmware that sets a password,
ensures 443 is open, sets a DMZ to an IP out of the DHCP scope, and we
manually set the ESSID with WPA2, the key being the MAC on the label
(I think this is the WLAN). (We disable SNMP, telnet, but leave SSH
open.) We also turn off CDP and the ubnt discovery.
I'm hoping he has some good info on what this actually was, and it's not
just a case of his buddy Jim telling him all this.
Anybody know of something in the wild capable of hitting all these
devices across a network (wired/wireless)?
I'm asking about the AirRouter in particular, considering if it were
impacted, that could be a mess at the POP since most customer NATs are
in the same subnet, with duplicate configs.
--
If you only see yourself as part of the team but you don't see your
team as part of yourself you have already failed as part of the team.