[Chugalug] 58, 000 Security Camera Systems Critically Vulnerable To Attackers
dave at brockmans.com
Tue Jan 29 21:11:56 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 1/29/2013 12:45 PM, Dan Lyke wrote:
> First, firewall that stuff. Firewall and NAT everything, and then
> proxy a few things through it. Maybe with a VPN, but probably not.
- -1 NAT
We *have* to get out of this IPv4 mindset that NAT is a good thing (tm).
> Second, how much do you trust your devices? Your browser? The last
> time I was talking to a guy doing deep security work, he was
> talking about trying to detect "exploit in the browser"
> infiltrations, where IE plug-ins were detecting accesses to
> specific banks, providing the credentials elsewhere, and then
> providing faked transaction and balance history pages while making
> withdrawals in the background.
The bad guys have been winning this particular war for at least the
past 5 years. And I mean the really bad guys, not the script kiddie
punk kind, the Estonian Mafia kind.....
> Stuff like that makes the fact that your new DSL modem is probably
> TR-069 enabled and your ISP's tech support person can see your
> WiFi connection info sound positively heartwarming.
Using your modem as a modem and not a router with a proper firewall at
your border will prevent that nonsense also.
"Some things in life can never be fully appreciated nor
understood unless experienced firsthand. Some things in
networking can never be fully understood by someone who neither
builds commercial networking equipment nor runs an operational
network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Chugalug