You have commented 358 times on Rantburg.

Your Name
Your e-mail (optional)
Website (optional)
My Original Nic        Pic-a-Nic        Sorry. Comments have been closed on this article.
Bold Italic Underline Strike Bullet Blockquote Small Big Link Squish Foto Photo
Submit your comments on this article
Cyber
Group targeting U.S. critical infrastructure by exploiting vulnerabilities of outdated networking switches
2024-02-15
[LawEnforcementToday] A state-sponsored hacking group supported by China known as "Volt Typhoon" has been identified by federal authorities as the group targeting U.S. critical infrastructure by exploiting the vulnerabilities of outdated networking switches."
They are mainly attacking older Cisco and Netgear Routers that have not had security patches applied, or cannot be secured because the router is no longer supported.In short: The PRC/CCP are using Home and Businesses systems to attack the US infrastructure.

Posted by:NN2N1

#2  the log files

Much like writing software, making APPS, building web pages...we, the industry, have made networking too easy for the great unwashed. Not 1 in 10/100 home office owner checks their log files.

Who knows how to get to the traffic logs on their cell phone?
Posted by: Skidmark   2024-02-15 09:51  

#1  Since ISP's offer home and small business connections at 4+ MPS now, and hackers know many such used routers once setup are seldom checked. Hackers know they and added safety margin in using theses as a relayed step in their endeavors.

So checking router log files daily for:
* Attempted / Failed and successful accesses,
* Outside Router Admin connections,
* DoS attacks and Port Scans,
* New Port Forwarding / Port Triggering settings,
* Unauthorized Wireless access or attempts,
* Log file resets to cover connection tracks?
* and more

NOTE: Many home and small business routers allow for hourly, daily or weekly emailing of the log files and it is worth the 5 mins a day at the least to CYA.

Posted by: NN2N1   2024-02-15 06:44  

00:00