Geeksters #090 – National CyberSecurity Month Pt3

Direct MP3 Download: Geeksters #090 – National CyberSecurity Month Pt3

Martin Obando, Tim Bowermeister, Mitch Haman and PCFreddy talk about computer repair

Episode 90 Show Notes

Hosts:

Tim Bowermeister

Mitch Haman

Martin Obando

October – National CyberSecurity Month

**** The Best Firefox Security Add-ons 2013

http://www.ghacks.net/2013/10/21/best-firefox-security-add-ons-2013/

**** Digital Attack Map

http://www.digitalattackmap.com/

Digital Attack Map is a live data visualization of DDoS attacks around the globe, built through a collaboration between Google Ideas and Arbor Networks. The tool surfaces anonymous attack traffic data to let users explore historic trends and find reports of outages happening on a given day.

DOS – Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic

DDOS – short for Distributed Denial of Service, is a type of DOS attack where multiple systems are used.

**** Jeff Owens OLF blog

http://www.theageofthegeek.net/2013/10/01/ohio-linux-fest-2013/

**** GTA 5 PC: Fake Download Installs 18GB Of Viruses On Would-Be-Pirates’ Machines

http://www.huffingtonpost.co.uk/2013/10/22/gta-5-pc-download-virus_n_4140875.html

Thousands of PC gamers have reportedly downloaded a huge file purporting to be a playable version of GTA 5 – only to find themselves exposed to dozens of viruses. The latest Grand Theft Auto has not been released for the PC – and developers Rockstar have given no indication of when, or if, it ever will.

*** Email

Hi Martin,

As you where discussing  on geekster podcast regarding the backdoor to Dlink router, this is what i understand about it.

They found this vulnerability by decompling the firmware. They where look at the source code for the authenticatio part which check the username and password to allowing the user to logon to the router. They found that there was extra step in the code which said if this user agent user string was this certion vaule then you dont need to check for the username  and password and go straight to admin page of the router. A agent user string is a vaule which can be sent in a web request when you request a webpage, It main use today is when you visit a website and the website what to know what browser you are running, so if it a smart phone it will send back it browsers type back in the agent user string so it can send you the mobile version of the website.

So all you need to do to access  the admin section of the dlink router is send a web request to access Http://192.168.1.1 and change the agent user string to the correct value and you will have access to it. The even more scary thing is that if people have enable remote management from the web and people can search for device type via a search engine like http://www.shodanhq.com and find dlink routers to hack.

The string does not look much it look like a random number and letters, but if they are read out back it says ‘ edit by 04882 joel back door”

The reason for this,their was  a piece of software which came on the CD to reconfigure the router so that a user did not have to goto the website to reconfigure it, but they had a problem what if someone had changed the password the program would not work so this application send the agent user string to  bypass the username and password to access the router so that it can reconfigure the router.

Hope this make it more Clear,

Alister

******************

geeksters@podnutz.com

To send a voicemail call 707-6PODNUT (707-6763688)

www.facebook.com/geeksters.tv