Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Routers, IP Cameras/Phones & IoT Devices can be Security Risks even with t ...

0
0

I’ve just read an interesting article entitled “ who makes the IoT things under attack “, explaining that devices connected to the Internet such as router, IP cameras, IP Phones, etc.. may be used by Botnet to launch DDoS attacks, and they do so using the default username and password. So you may think once you’ve updated the firmware when available, and changes the default admin/admin in the user interface, you’d be relatively safe. You’d be wrong, because the malware mentioned in the article, Mirai , uses Telnet or SSH trying a bunch of default username and password.

That made me curious, so I scanned the ports on my TP-Link wireless router and ZTE ZXHN F600W fiber-to-the-home GPON modem pictured below, and installed by my Internet provider, the biggest in the country I live, so there may be hundred of thousands or millions of such modems in the country with the same default settings.


Routers, IP Cameras/Phones & IoT Devices can be Security Risks even with t ...
I’ve started by scanning the TP-Link router in the local network: <br /> sudo nmap -sS 192.168.0.1</p> <p>Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-06 10:10 ICT<br /> Nmap scan report for 192.168.0.1 (192.168.0.1)<br /> Host is up (0.00034s latency).<br /> Not shown: 997 closed ports<br /> PORT STATE SERVICE<br /> 80/tcp open http<br /> 1900/tcp open upnp<br /> 49152/tcp open unknown<br /> MAC Address: 94:0C:6D:XX:XX:XX (Tp-link Technologies)</p> <p>Nmap done: 1 IP address (1 host up) scanned in 14.15 seconds<br />

1

2

3

4

5

6

7

8

9

10

11

12

13

sudo nmap - sS 192.168.0.1

Starting Nmap 7.01 ( https : / / nmap .org ) at 2016 - 10 - 06 10 : 10 ICT

Nmap scan report for 192.168.0.1 ( 192.168.0.1 )

Host is up ( 0.00034s latency ) .

Not shown : 997 closed ports

PORT STATE SERVICE

80 / tcp open http

1900 / tcp open upnp

49152 / tcp open unknown

MAC Address : 94 : 0C : 6D : XX : XX : XX ( Tp - link Technologies )

Nmap done : 1 IP address ( 1 host up ) scanned in 14.15 seconds

UPnP and the web interface ports are open, plus an extra post likely opened by UPnP, which looked fine.

Now I did the same on the ZTE modem in the local network first:

<br /> sudo nmap -sS 192.168.1.1</p> <p>Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-06 10:10 ICT<br /> Nmap scan report for 192.168.1.1 (192.168.1.1)<br /> Host is up (0.00086s latency).<br /> Not shown: 996 closed ports<br /> PORT STATE SERVICE<br /> 23/tcp open telnet<br /> 53/tcp open domain<br /> 80/tcp open http<br /> 443/tcp open https</p> <p>Nmap done: 1 IP address (1 host up) scanned in 20.12 seconds<br />

1

2

3

4

5

6

7

8

9

10

11

12

13

sudo nmap - sS 192.168.1.1

Starting Nmap 7.01 ( https : / / nmap .org ) at 2016 - 10 - 06 10 : 10 ICT

Nmap scan report for 192.168.1.1 ( 192.168.1.1 )

Host is up ( 0.00086s latency ) .

Not shown : 996 closed ports

PORT STATE SERVICE

23 / tcp open telnet

53 / tcp open domain

80 / tcp open http

443 / tcp open https

Nmap done : 1 IP address ( 1 host up ) scanned in 20.12 seconds

The telnet port is opened that’s not good… I would be much worse if it was also open with the public IP:

<br /> sudo nmap -sS MODEM-PUBLIC-IP<br /> Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-06 10:11 ICT<br /> Nmap scan report for MODEM-PUBLIC-IP<br /> Host is up (0.00088s latency).<br /> Not shown: 996 closed ports<br /> PORT STATE SERVICE<br /> 23/tcp open telnet<br /> 53/tcp open domain<br /> 80/tcp open http<br /> 443/tcp open https </p> <p>Nmap done: 1 IP address (1 host up) scanned in 22.71 seconds<br />

1

2

3

4

5

6

7

8

9

10

11

12

sudo nmap - sS MODEM - PUBLIC - IP

Starting Nmap 7.01 ( https : / / nmap .org ) at 2016 - 10 - 06 10 : 11 ICT

Nmap scan report for MODEM - PUBLIC - IP

Host is up ( 0.00088s latency ) .

Not shown

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles





Latest Images