[195273] in North American Network Operators' Group
Hacked DVRs again?! (Probably the wrong forum, but probably of
daemon@ATHENA.MIT.EDU (Large Hadron Collider)
Tue Jul 11 22:57:28 2017
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: Large Hadron Collider <large.hadron.collider@gmx.com>
Date: Tue, 11 Jul 2017 19:57:22 -0700
Errors-To: nanog-bounces@nanog.org
So, I run a small chat service and it has attracted abuse from multiple
kinds of open device.
Most recently, I've found DVRs being spammed through. This is the kind
of "default password"/"open Cisco" abuse that is very hard to detect
with an open proxy scanner without, well, logging in and seeing if you
get a shell.
Has anyone ever seen this? What can I do to prevent it?
