Wanna bet they expose SSH on port 22 to the internet on their “critical” servers? 🤣
Wanna bet they expose SSH on port 22 to the internet on their “critical” servers? 🤣
Sure, but the author makes it sounds like thats its their standard way of doing things, which is insane.
And if you do have a misconfiguration, the rational thing is to fix that, not dump the entire platform.
If the hypervisor or any of its components are exposed to the Internet
Lemme stop you right there, wtf are you doing exposing that to the internet…
(This is directed at the article writer, not OP)
The malware argument is a bit weak, if your router is vulnerable to something it’ll likely be found and pwnd in a matter of minutes, so turning it off a night won’t really save you. And once a patch is released, it’ll be reverse engineered in a few hours/days, so ideally you want patches as soon as they are released.
Using your own device is usually a good idea anyway, telco stuff is usually pretty mediocre. And as soon as your device is slightly custom, it becomes a less valuable target.
Sure, except we are defenceless to the rampant dropbears. /s
Australia is a funny example for gun control. Yanks seem to think we have no guns at all, but the reality is that as long as you are mentally sound and store your guns safely, they aren’t that hard to get.
You’ll definitely get lots of login attempts. I used to have a port 22 ssh, hundreds of attempts per day.
Would be interesting to see what post login behavior was.