[nsp-sec] Contacts at SOHO manufacturers (tp-link, airlive, dlink, micronet) ?
Scott A. McIntyre
scott at howyagoin.net
Tue Mar 4 15:48:03 EST 2014
Hi,
On Wed, Mar 5, 2014, at 5:59, Smith, Donald wrote:
> ----------- nsp-security Confidential --------
>
> For thos of you that haven't seen this yet:
> https://www.team-cymru.com/ReadingRoom/Whitepapers/2013/TeamCymruSOHOPharming.pdf
>
> This was probably the reason Jacomo was asking for contacts :(
>
> I will be doing a netflow report for udp 53 towards 5.45.75.11
> and 5.45.75.36 in the near future:(
Yeah, we did the same yesterday and found a number of matches (but our
flow is sampled at an annoying rate, so, likely missed a fair few). As
far as we have been able to determine, it's not coming from the CPE
devices we provide, but customer's BYO devices.
We've been having an increasing headache with CPE devices, as I'm sure
pretty much everyone reading has had. The Sales & Marketing push to
have 0 touch, no config, yet with infinite powers and accessibility is
causing chaos.
Time to put our collective feet down and say No More.
Scott
---
Scott A. McIntyre
AS1221 Telstra
More information about the nsp-security
mailing list