On what basis do you assume that there is TR-069 support in these routers? And even if there is, that the service provider manages them via TR-069? Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Eric Tykwinski Sent: Friday, December 19, 2014 6:47 PM To: Jay Ashworth Cc: NANOG Subject: Re: Ars breaks Misfortune Cookie vulnerability news to public Here’s the thing I don’t get… You have X provider supplying routers with vulnerable firmware that have remote support (TR-069) enabled. Why would Check Point not at least name and shame, instead of trying to market their security? I know the hack is old, but grandma isn’t probably up to date on the latest firmware that should have been upgrade through TR-069. I’m honestly more upset with the reporting than the normal residential cpe didn’t get upgraded. But yeah, Happy Holidays everyone... Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222
On Dec 19, 2014, at 5:54 PM, Jay Ashworth <jra@baylink.com> wrote:
While the flaw is 12 years old and the fix 9, the article suggests that firmware for consumer routers may yet be being built with the vulnerable webserver code baked in.
If you are responsible for lots of eyeballs you might want to look at this.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers...
Have a nice Christmas weekend. :-)
Cheers, -- jra
-- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274