to me the whole deal is simply a reminder to change passwords from default if they're not already.
Michael P. Blanchard Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE Office of Information Security & Risk Management EMC ² Corporation 4400 Computer Dr. Westboro, MA 01580 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Funck Sent: Monday, February 19, 2007 5:34 PM To: [EMAIL PROTECTED] Org Subject: [funsec] Don't click that link - it may re-program your router? What does clicking on a "suspicious link" have to do with being pharmed (or is that getting pharmed)? And if someone has re-programmed my router, how will disabling Javascript save me? And I must ask ... is this a real present threat, or a security software vendor FUD campaign? http://news.yahoo.com/s/nf/20070219/tc_nf/50150 Millions Vulnerable to New Hack Attack Elizabeth Millard, newsfactor.com Mon Feb 19, 1:25 PM ET Security firm Symantec and the Indiana University School of Informatics have discovered a new type of security threat that could leave up to 50 percent of home broadband users susceptible to attack. Called "drive-by pharming," the threat is focused on home routers, which can be reconfigured and directed to a malicious Web site if default settings and passwords are being used. [...] Symantec recommends that users should change their default passwords and= employ a multilayered security strategy consisting of an Internet security program that combines antivirus, firewall, intrusion detection, and vulnerability protection. Also important, the research team noted, is avoiding clicking on links that seem suspicious. But the main issue, according to Sophos senior technology consultant Graham Cluley, is that many users either do not change settings or use the password supplied by the manufacturer. Many devices are given obvious passwords for shipping and setup, such as "administrator" or "password," which Cluley noted are very easy for hackers to guess. [...] "More prominent warnings that passwords have not been changed from their default might help encourage users to take this relatively simple step," he said. An additional line of defense is to disable JavaScript on untrusted Web sites, he added. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
