Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: CISCO announces important vulnerability of consumer used network devices (routers)

  1. #1
    Join Date
    Feb 2018
    Location
    Romania
    Posts
    398

    Default CISCO announces important vulnerability of consumer used network devices (routers)

    I think that is good to share some news about Linux and hardware.

    I have a QNAP TS251. I think I will do a factory reset.

    https://arstechnica.com/information-...-with-malware/

  2. #2
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    20,009
    Blog Entries
    1

    Default Re: News from forum members

    Thanks for sharing this. Very worrying news indeed.

  3. #3
    Join Date
    Feb 2018
    Location
    Romania
    Posts
    398

    Default Re: News from forum members

    You're welcome.
    I hope this thread will be useful.

  4. #4

    Default Re: News from forum members

    Here is an article from Reuters on FBI action to try and avoid:

    https://www.reuters.com/article/us-c...-idUSKCN1IO1U9
    I don’t have anything to hide, but I don’t have anything I want to show you either.

  5. #5
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    2,415

    Default Re: News from forum members

    On the other hand, in April, Cisco warned about a back-door in their "Smart Install Client": <https://blog.talosintelligence.com/2...e-at-risk.html>.
    Kaspersky noticed it as well: <https://www.kaspersky.com/blog/cisco-apocalypse/21966/>.
    There were reports in German language IT news streams of this issue November last year.

    If the back-door was there, and a few people were aware of it, then …

    Further administration warnings from Cisco:
    <https://tools.cisco.com/security/cen...-20180328-smi2>
    <https://github.com/Cisco-Talos/smi_check>
    <https://tools.cisco.com/security/cen...a-20170214-smi>

    Haven't noticed anything from Bruce Schneier on this yet: <https://www.schneier.com/>.

    BTW: QNAP have another issue with their firmware version (4.3.4.0588 Build 20180519) «which they've withdrawn » -- the "admin" login loops on a "Data Protection" notice presumably introduced due to the European Data Protection law which becomes effective tomorrow …
    I need to revert to an earlier image by means of "CLI via SSH" …

  6. #6
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,729

    Default Re: News from forum members

    Staff have looked at this thread. They think:
    • That the titles suggests that this is a thread where forum members announce their marriage or that they are going on holidays, or bought a new system, but in fact it is a bout a more serious subject. Thus the title will be changed.
    • The News and Announcements section is for news and announcements made by the project (often started by a newsbot inside SUSE/openSUSE. Also this is not directly about openSUSE. Thus it will be moved to General Chitchat.


    While these moves are made, the thread is CLOSED.
    Henk van Velden

  7. #7
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,729

    Default Re: CISCO announces important vulnerability of consumer used network devices (routers)

    Quote Originally Posted by another_roadrunner View Post
    I think that is good to share some news about Linux and hardware.

    I have a QNAP TS251. I think I will do a factory reset.

    https://arstechnica.com/information-...-with-malware/
    Moved from Announcements and open again.
    Henk van Velden

  8. #8
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    2,415

    Exclamation Re: CISCO announces important vulnerability of consumer used network devices (routers)

    QNAP have announced a security advisory: <https://www.qnap.com/en/security-advisory/NAS-201805-24>.
    Please note the build dates: "QTS 4.2.6 build 20170628, 4.3.3 build 20170703, and earlier versions, or using the default password for the administrator account."
    I guess that, the current Build I'm running is OK: "20180501, version 4.3.4.0569".

  9. #9
    Join Date
    Feb 2018
    Location
    Romania
    Posts
    398

    Default Re: CISCO announces important vulnerability of consumer used network devices (routers)

    Thanks.
    Anyway I did a factory reset and changed my passw.

  10. #10
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,729

    Default Re: CISCO announces important vulnerability of consumer used network devices (routers)

    Quote Originally Posted by another_roadrunner View Post
    ... changed my passw.
    Do you confess with this that you did not change the default password on the device as soon as you started using it? Basic security action my dear Watson.
    Henk van Velden

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •