I've been seeing frightening headlines about a new threat to Linux-based routers. "Moose - the router worm with an appetite for social networks", "Dissecting the Linux/Moose malware", "Moose worm targeting Linux-based routers and systems" and more. Bar the door and get out the rifles, boys: we are under attack!
There's even an imposing list of "affected vendors": 3Com, Alcatel-Lucent, Allied Telesis, Avaya, Belkin, Brocade, Buffalo, Celerity, Cisco, D-link, Enterasys, Hewlett-Packard, Huawei, Linksys, Mikrotik, Netgear, Meridian, Nortel, SpeedStream, Thomson, TP-Link, Zhone, ZyXEL and more. Forget the rifles, we need cannons!
Really? According to an Ars Technica article that came complete with a scary graphic, the Linux/Moose malware "exploits routers open to connections from the Internet via Telnet by performing brute-force login attempts using default or common administrative credentials".
Say what? Telnet? Default credentials?
Honestly, how can you look at me with a straight face and call this a Linux security issue? ANY ROUTER WITH DEFAULT CREDENTIALS IS A SECURITY THREAT! This isn't a Linux security issue; it's an idiot's security issue!
On my systems, I'm meeting this threat head-on by doing absolutely nothing. I never had Telnet open to start with and default credentials were changed before any of my routers first connected to the internet. Linux security threat? Nonsense.
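To confirm the "Telnet was never open" half of that on devices you administer, here is a small check, added as an example and not part of the original post. The function names `check_telnet` and `audit` are hypothetical, and treating a leading IAC byte as the sign of a Telnet daemon is a heuristic assumption.

```python
import socket
import sys

IAC = 0xFF  # Telnet "Interpret As Command" byte (RFC 854)


def check_telnet(host, port=23, timeout=3.0):
    """Classify one address you administer as 'closed', 'open' or 'telnet'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"  # refused, filtered or unreachable
    with sock:
        sock.settimeout(timeout)
        try:
            greeting = sock.recv(64)
        except OSError:
            greeting = b""  # nothing sent before the timeout
    # Assumption: a Telnet daemon opens with option negotiation (leading IAC).
    if greeting[:1] == bytes([IAC]):
        return "telnet"
    return "open"


def audit(hosts, port=23, timeout=3.0):
    """Map each host to its check_telnet() result."""
    return {host: check_telnet(host, port, timeout) for host in hosts}


if __name__ == "__main__":
    # Usage: python3 telnet_audit.py <address> [<address> ...]
    results = audit(sys.argv[1:])
    for host, state in results.items():
        print(f"{host}: port 23 {state}")
    sys.exit(1 if any(s != "closed" for s in results.values()) else 0)
```

Run it from a machine outside your network against the router's WAN address, since the exposure the article describes is Telnet reachable from the Internet. A "closed" result from the LAN side says nothing about what the WAN side answers.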
The Moose is loose: Linux-based worm turns routers into social network bots
© 2015-06-02 Anthony Lawrence