#qi-hardware IRC log for Monday, 2014-03-10

DocScrutinizer05BETROFFENE SYSTEME11:38
DocScrutinizer05    -   Cisco Access Point WAP4410N11:38
DocScrutinizer05    -   CISCO Gigabit Security Router11:38
DocScrutinizer05    -   CISCO Gigabit Security Router RVS400011:38
DocScrutinizer05    -   CISCO Gigabit Security Router WRVS4400N 111:38
DocScrutinizer05    -   CISCO Gigabit Security Router WRVS4400N 211:38
DocScrutinizer05    -   Linksys Router11:38
DocScrutinizer05    -   Netgear Router11:38
whitequark  what about them13:38
DocScrutinizer05sorry, flooding channel. Anyway those have open backdoor13:46
larscthey are sorrow-stricken systems13:46
DocScrutinizer05port 3276413:52
larscit's not a backdoor, it's called factory configuration interface ;)13:54
larscit is not that uncommon that they forget to remove them before shipping the device13:56
DocScrutinizer05if you wanna check your infra: <http://www.heise.de/security/dienste/portscan/test/go.shtml?scanart=3> ; check first line "[_] Ich best├Ątige, dass ich berechtigt bin, die IP-Adresse 88.217...", check "(_) Mein Scan"; enter 32764 to the textfield "Max. 10 Ports, bitte mit Kommata trennen:" below14:00
DocScrutinizer05click "Scan starten"14:01
DocScrutinizer05don't run this test from inside a paranoid corporate LAN, your sysop will visit you ;-)14:04
larscHe will visit heise14:06
DocScrutinizer05that too ;-)14:43
DocScrutinizer05or he's good at his job and doesn't even take notice from such a silly portscan14:45
Action: whitequark sighs at russian twitter20:11
DocScrutinizer05shoot the message to the next skyscraper with a ak47?22:25
--- Tue Mar 11 201400:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!