nanog mailing list archives

Re: Hackers hijack 300,000-plus wireless routers, make malicious changes | Ars Technica


From: Warren Bailey <wbailey () satelliteintelligencegroup com>
Date: Tue, 4 Mar 2014 19:59:57 +0000

I don't know that they have a lot of motivation to support "legacy" access
points. The home brew guys tend to magically "find" ways to install
software on these POS CPE AP/Router combos, which I don't think is a
coincidence. The linksys types of the world want to sell more routers, not
make routers that suddenly have an amazing 8 year shelf life. Most people
get tired of that POS box that gives them internet not working, and buy a
new LESS POS with whatever 802.xxx of the week/month/year/shopping season.
The margins probably really suck if you support a piece of plastic longer
than __ months, so I doubt you'll see anyone supporting their cheap box
any time soon. I bet if you offered them a way to do it for free, they'd
look at it ;)


On 3/4/14, 11:52 AM, "Merike Kaeo" <kaeo () merike com> wrote:


On Mar 4, 2014, at 6:54 AM, Valdis.Kletnieks () vt edu wrote:

On Tue, 04 Mar 2014 09:28:01 -0400, jim deleskie said:
Why want to swing such a big hammer?  Even blocking those 2 IPs will
isolate your users, and fill your support queues.

Set up a DNS server locally to reply to those IPs.  Your customers stay up
and running and blissfully unaware.

Log the IPs hitting your DNS servers on those IPs and have your support
reach out to them in a controlled way, or reply to any request via DNS
with an internal host that has a web page explaining what is broken and how
they can fix it, avoiding at least some of the calls to your helpdesk.

Two words: "DNS Changer".  What did we learn from that?

My thoughts exactly.  Some walled gardens set up in those instances.

And don't blindly follow someone's advice without looking at impacts to
your networks.

CPE devices are just a huge cesspool.  Any device that already doesn't
let you change username 'admin' is off to a bad start.  We have to get these
supposedly 'plug it in and never touch it' devices to be better at firmware
upgrades.

- merike
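
The logging step suggested in the quoted advice above, as an added example that is not part of the thread: it reads a resolver query log and lists the customer addresses still sending queries to the taken-over resolver IPs, so support can contact them. It assumes BIND 9 style query-log lines; the resolver addresses, the sample log and the function names are placeholders constructed for illustration.

```python
import re

# Placeholder addresses (documentation range) standing in for the two rogue
# resolver IPs that the local DNS server now answers on; the thread does not
# list the real ones.
SINKHOLED = {"203.0.113.53", "203.0.113.54"}

# BIND 9 style query-log line. The trailing "(addr)" is the local address the
# query arrived on; some versions print "@0x..." after "client".
LINE = re.compile(
    r"^(?P<ts>\S+ \S+) .*?client (?:@0x[0-9a-f]+ )?(?P<client>[0-9a-fA-F.:]+)#\d+ "
    r"\((?P<qname>[^)]*)\): query: .* \((?P<dst>[0-9a-fA-F.:]+)\)\s*$"
)

# Constructed sample log, not real traffic.
SAMPLE_LOG = """\
04-Mar-2014 09:28:01.101 queries: info: client 192.0.2.10#53211 (www.example.com): query: www.example.com IN A + (203.0.113.53)
04-Mar-2014 09:28:02.440 queries: info: client 192.0.2.77#40100 (www.example.org): query: www.example.org IN A + (198.51.100.1)
04-Mar-2014 09:28:05.002 queries: info: client @0x7f3a2c0 192.0.2.44#61002 (example.net): query: example.net IN AAAA + (203.0.113.54)
04-Mar-2014 09:29:30.917 queries: info: client 192.0.2.10#53290 (mail.example.com): query: mail.example.com IN A + (203.0.113.54)
04-Mar-2014 09:30:00.000 general: info: zone example.com/IN: loaded serial 2014030401
"""

def affected_clients(log_text, sinkholed=SINKHOLED):
    """Map each client that queried a sinkholed address to its activity."""
    seen = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["dst"] not in sinkholed:
            continue  # unparseable line, or a query to the normal resolver
        rec = seen.setdefault(
            m["client"], {"queries": 0, "first": m["ts"], "names": set()})
        rec["queries"] += 1
        rec["last"] = m["ts"]
        rec["names"].add(m["qname"])
    return seen

def outreach_list(log_text):
    """Client IPs for the support queue, busiest first, then by address."""
    hits = affected_clients(log_text)
    return sorted(hits, key=lambda ip: (-hits[ip]["queries"], ip))

if __name__ == "__main__":
    for ip in outreach_list(SAMPLE_LOG):
        print(ip, affected_clients(SAMPLE_LOG)[ip])
```

Filtering on the address the query arrived on, rather than on the client, keeps customers who use the normal resolver out of the outreach list.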


