Friday, August 18, 2017

High Sierra hiding lost pings.



I just noticed that lost pings are hidden. It was irritating enough that ping now requires elevation.
jamsignal$ ping 10.133.1.1
ping: Lacking privilege for raw socket.
jamsignal$ 

jamsignal$ sudo ping 10.133.1.1
PING 10.133.1.1 (10.133.1.1): 56 data bytes
64 bytes from 10.133.1.1: icmp_seq=0 ttl=254 time=69.707 ms
64 bytes from 10.133.1.1: icmp_seq=1 ttl=254 time=68.789 ms
64 bytes from 10.133.1.1: icmp_seq=4 ttl=254 time=79.188 ms
64 bytes from 10.133.1.1: icmp_seq=6 ttl=254 time=48.910 ms
64 bytes from 10.133.1.1: icmp_seq=7 ttl=254 time=67.357 ms
64 bytes from 10.133.1.1: icmp_seq=8 ttl=254 time=68.787 ms
64 bytes from 10.133.1.1: icmp_seq=9 ttl=254 time=77.702 ms
64 bytes from 10.133.1.1: icmp_seq=10 ttl=254 time=59.172 ms
64 bytes from 10.133.1.1: icmp_seq=11 ttl=254 time=68.638 ms
64 bytes from 10.133.1.1: icmp_seq=12 ttl=254 time=89.859 ms
^C
--- 10.133.1.1 ping statistics ---
13 packets transmitted, 10 packets received, 23% packet loss
round-trip min/avg/max/stddev = 48.910/69.811/89.859/10.544 ms
jamsignal$ 

Update: I had installed inetutils to get telnet and ftp on High Sierra. That is what broke my ping.
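When a ping build prints nothing for lost packets, the gaps can still be recovered from the icmp_seq numbers of the replies and the transmitted count in the summary. The following is an added example, not part of the original post; the function names are made up here, and it assumes sequence numbers start at 0 as they do in the output above.

```shell
#!/bin/sh
# Added example: list the icmp_seq values that never got a reply.
# Assumption: sequence numbers start at 0, as in the output in the post.

# Sample input: the ping output from the post above, abbreviated to the
# header, the reply lines and the summary line.
sample_ping_output() {
    cat <<'EOF'
PING 10.133.1.1 (10.133.1.1): 56 data bytes
64 bytes from 10.133.1.1: icmp_seq=0 ttl=254 time=69.707 ms
64 bytes from 10.133.1.1: icmp_seq=1 ttl=254 time=68.789 ms
64 bytes from 10.133.1.1: icmp_seq=4 ttl=254 time=79.188 ms
64 bytes from 10.133.1.1: icmp_seq=6 ttl=254 time=48.910 ms
64 bytes from 10.133.1.1: icmp_seq=7 ttl=254 time=67.357 ms
64 bytes from 10.133.1.1: icmp_seq=8 ttl=254 time=68.787 ms
64 bytes from 10.133.1.1: icmp_seq=9 ttl=254 time=77.702 ms
64 bytes from 10.133.1.1: icmp_seq=10 ttl=254 time=59.172 ms
64 bytes from 10.133.1.1: icmp_seq=11 ttl=254 time=68.638 ms
64 bytes from 10.133.1.1: icmp_seq=12 ttl=254 time=89.859 ms
13 packets transmitted, 10 packets received, 23% packet loss
EOF
}

# Reads ping output on stdin, prints the missing sequence numbers on one line.
missing_seqs() {
    awk '
        BEGIN { max = -1 }
        # Reply lines carry icmp_seq=N; remember each number that was answered.
        match($0, /icmp_seq=[0-9]+/) {
            seq = substr($0, RSTART + 9, RLENGTH - 9) + 0
            seen[seq] = 1
            if (seq > max) max = seq
        }
        # The summary gives the number sent, so losses after the last
        # reply are counted as well.
        /packets transmitted/ { sent = $1 + 0 }
        END {
            last = (sent > 0) ? sent - 1 : max
            out = ""
            for (i = 0; i <= last; i++)
                if (!(i in seen)) out = out (out == "" ? "" : " ") i
            print out
        }
    '
}

sample_ping_output | missing_seqs   # -> 2 3 5
```

On a live host the same function can be fed directly, for example with `sudo ping -c 20 10.133.1.1 | missing_seqs`.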

Wednesday, August 16, 2017

JetDirect printers on the Internet with no password.

This was my search on shodan.io. There are 700 JetDirect printers on the Internet with no telnet password. Why have the hackers not taken over these printers?

"Jetdirect port:23 Password is not set"

Wednesday, August 9, 2017

Mitel 3300 phone systems with telnet port open!!!

I went to shodan.io and searched for "SX-2000 port:23"

There are some Mitel phone systems open to the Internet with telnet. The default password has probably been changed, so you cannot log in with HTTPS. But telnet is available with a default login.

WARNING

If you change the system login, this does not change the telnet login.

Someone could access these systems and view all programming.

Update: You can use maintenance commands like "busy extension 1234" to busy out an extension. The phone is then unusable.

Port 1752 is also available to view SMDR call records.

Don't connect Mitel systems directly to the Internet!

Fortigate units get "Input value is invalid" in the GUI.



I get this message on some Fortinet routers when editing the network interface, even if I do not make any changes. Now we have to use the command line to make any changes.

It takes too many steps to change the secondary IP from the CLI.

test # config sys int

test (interface) # edit internal

test (internal) # config secondaryip 

test (secondaryip) # edit 1

test (1) # show
config secondaryip
    edit 1
        set ip 10.122.1.11 255.255.255.0
    next
end

test (1) # set ip 10.122.1.1 255.255.0.0

test (1) # end

end


Tuesday, August 8, 2017

First time using shodan.io today.

I searched for "bizhub C364e" and found multiple units. Some had the default administrator password. The Konica 364 is a large unit at $6000 or more new and they are open to the Internet. Even if the admin password has been changed the Public login may be available. Public has access to print and view job history. Public can also view the scan-to-email address list.

What if a fraudster targeted these users with malicious email that appeared to originate from the bizhub?