There are a few people to blame for the vulnerabilities which allowed the DDoS attack on Friday to make access to major sites difficult. They range from lazy ISPs not implementing security standard designed to block the spoofing portion of the attack to lazy IoT developers using standardized passwords, often the defaults from the software itself. One could blame users for not updating the passwords on their devices but it is not something your average toaster shopper thinks about nor is the need well communicated in the manuals which come with IoT devices.
The commentators on Slashdot have many theories as to who the attackers were but the real issue lies with the fact that sheer laziness on the part of IoT devices and ISPs allow these attacks to succeed in the first place. They also have a link to the list of devices which were involved in the attack for those who are curious.
"If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks…"
Here is some more Tech News from around the web:
- Serious Sam VR mGPU AMD RX 480 Follow Up @ [H]ard|OCP
- AMD is a rounding error on Intel's spreadsheet and that sucks for us all @ The Register
- Skype no longer works on 85 per cent of Windows Phones @ The Inquirer
- Every LTE call, text, can be intercepted, blacked out, hacker finds @ The Register
- Logitech Pop Home Switch: Perfect Solution for Smart Homes @ Hardware Secrets
- Microsoft is raising enterprise prices by almost a quarter as Brexit bites @ The Inquirer
- AT&T buys Time Warner for US$85.4bn or 1.25 Dell-EMCs @ The Register
- A Preview of Apple Watch 2 Specs and Details @ Hardware Secrets
UPnP(Universal Pawn and
UPnP(Universal Pawn and Pillage)!
Dns use a size of
Dns use a size of 512 byte (plus 64 byte of overhead max )which put it to 576 byte minimum of the ipv4 rfc 791 spec . past that ?TCP take over and fragment everything .great more resource spent on non sense but its good for server. Oh wait it get better. You could technically bypass the dns thing and basicly get rid of the whole problem but guess what .rfc 791 say the udp size is 65535 (minus 64 byte) and yet we still use 512 byte because ? Because Ms is pushing TCP with all its might even the all tamer use udp. Do you have packet drop ?check the TCP and udp (especially past 3 TCP connection .) what could go wrong. Getting a bigger CPU ? Gpu? Hard drive?nope .its ignoring the fact that hardware hasn’t been the issue since 64 bit was born . why you think people keep their I5 2500k ? Or their old 64 bit thing? Because the limit is OS imposed it isn’t the hardware limit and people know it because they tested it
Motherboard is a crap
Motherboard is a crap publication.
Internet of Trash devices
Internet of Trash devices should be banned