Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Botnet

Botnet Uses Default Passwords To Conduct "Internet Census 2012" 222

An anonymous reader writes "By using four different login combinations on the default Telnet port (root/root, admin/admin, root/[no password], and admin/[no password]), an anonymous researcher was able to log into (and upload a binary to) 'several hundred thousand unprotected devices' and run 'a super fast distributed port scanner' to scan the enitre IPv4 address space." From the report: "While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage. All data gathered during our research is released into the public domain for further study."

Slashdot Top Deals

"The pyramid is opening!" "Which one?" "The one with the ever-widening hole in it!" -- The Firesign Theatre

Working...