Some goof named a botnet after Chuck Norris. http://www.computerworld.com/s/article/9159758/Chuck_Norris_botnet_karate_chops_routers_hard :(
(http://www.computerworld.com/s/article/9159758/Chuck_Norris_botnet_karate_chops_routers_hard)

Bah.. call me when Cyril Raffaelli has his own botnet

Our IT person (I gave up those duties to stop people bugging me for tech support) has left the passwords of our routers default. He's a Windows enthusiast who spends most of his time de-virusing people's computers so expecting him to know better is probably rather silly.

Routers shouldn't be allowed to be left with their default passwords!

Routers shouldn't be allowed to be left with their default passwords!
I could tell him that but then it'd ruin my chance to have some fun ;) It's evil (but fun) to lock people you don't like out of the internet!

Our IT person (I gave up those duties to stop people bugging me for tech support) has left the passwords of our routers default. He's a Windows enthusiast who spends most of his time de-virusing people's computers so expecting him to know better is probably rather silly.

And this.. human being is somehow still employed?

Mankind is doomed.

And this.. human being is somehow still employed?

Mankind is doomed.
Management are clueless. Plus no-one sane would actually want the job as it's something of a permanent virus-infestation of a network (lots of people bringing in their own laptops running windows, the kind of people who open EVERY attachment and then expect a geek to fix it and of course not charge for it). I tried it for a while, and my way was much improved, but it distracted from my main job too much and users didn't like having to behave themselves and be secure, so I figured I'd leave it to someone who actually wanted it. Besides, I'm immune to all this crap, so let everyone else's computers die, it's not my problem :)

I mean really, can this story get any funnier. Just ask the Slashdotters :D
http://linux.slashdot.org/story/10/02/22/0537232/Chuck-Norris-Attacks-Linux-Based-Routers-Modems

If you haven't changed the default password on your home router, you may be in for an unwanted visit from Chuck Norris - the Chuck Norris botnet, that is.

Discovered by Czech researchers, the botnet has been spreading by taking advantage of poorly configured routers and DSL modems, according to Jan Vykopal, the head of the network security department with Masaryk University's Institute of Computer Science in Brno, Czech Republic.

The malware got the Chuck Norris moniker from a programmer's Italian comment in its source code: "in nome di Chuck Norris," which means "in the name of Chuck Norris." Norris is a US actor best known for his martial arts films such as "The Way of the Dragon" and "Missing in Action."

Security experts say that various types of botnets have infected millions of computers worldwide to date, but Chuck Norris is unusual in that it infects DSL modems and routers rather than PCs.

It installs itself on routers and modems by guessing default administrative passwords and taking advantage of the fact that many devices are configured to allow remote access. It also exploits a known vulnerability in D-Link Systems devices, Vykopal said in an email interview.

A D-Link spokesman said he was not aware of the botnet, and the company did not immediately have any comment on the issue.

Like an earlier router-infecting botnet called Psyb0t, Chuck Norris can infect an MIPS-based device running the Linux operating system if its administration interface has a weak username and password, he said. This MIPS/Linux combination is widely used in routers and DSL modems, but the botnet also attacks satellite TV receivers.

Vykopal doesn't know how big the Chuck Norris botnet is, but says he has evidence that the hacked machines "are spread around the world: from South America through Europe to Asia. The botnet aims at many networks of ISP [Internet service provider] and telco operators," he said.

Right now Chuck Norris-infected machines can be used to attack other systems on the Internet, in what are known as distributed denial of service attacks. The botnet can launch a password-guessing dictionary attack on another computer, and it can also change the DNS (Domain Name System) settings in the router. With this attack, victims on the router's network who think they are connecting to Facebook or Google end up redirected to a malicious Web page that then tries to install a virus on their computers.

Once installed in the router's memory, the bot blocks remote communication ports and begins to scan the network for other vulnerable machines. It is controlled via IRC.

Because the Chuck Norris botnet lives in the router's RAM, it can be removed with a restart.

Users who don't want to be infected can mitigate the risk - the simplest way of doing this is by using a strong password on the router or modem. Users can also address the problem by keeping their firmware up-to-date and by disabling remote-access services.

In recent years, hackers have started looking at devices such as routers, which are often not properly secured, Vykopal said. "They are not regularly patched and updated, even though the patches are available." The devices "are also continuously connected to the Internet and they are up for days and months," he said.

In the future, he expects that even more malware will target these devices.

Despite their rarity, router-based botnets are not particularly hard to create, said Dancho Danchev, an independent cyber threats analyst, speaking via instant message. "Router-based botnets are not rocket science given a common flaw can be exploited, and every then and now [one] appears."

http://www.computerworlduk.com/technology/networking/security/news/index.cfm?newsid=18955

I believe that quoting whole articles might just be frowned upon.
It`s generally more polite to mabey quote a small section and just link to the original article (http://www.pcworld.com/businesscenter/article/189868/chuck_norris_botnet_karatechops_routers_hard.html) , as far as i understand anyway.

EDIT: I`d also like to think most people here do change those default passwords.
Hands up if you dont....

I believe that quoting whole articles might just be frowned upon.
It`s generally more polite to mabey quote a small section and just link to the original article (http://www.pcworld.com/businesscenter/article/189868/chuck_norris_botnet_karatechops_routers_hard.html) , as far as i understand anyway.

Bet you wouldn't say that if Chuck Norris was in the room. :)

You should rename the thread to "Chuck Norris botnet roundhouse kicks Linux routers". :lolflag:

http://crossfitasia.com/ChuckNorris.jpg

Bet you wouldn't say that if Chuck Norris was in the room. :)

That would depend entirely on whether i`d had my porridge or not...8-[

There was another thread about this........ today.

There was another thread about this........ today.

Chuck Norris never gets old. :)

CN kicked a router so hard that the virus was created through induction with the airwaves.

Of course, Mr T says: "I pity the fool that believes that."

Just before he got hit in the back of the head.

"Oowee"

Chuck Norris never gets old. :)

Okay, okay, that is indeed true! I has (http://icanhascheezburger.com/) a book about him.

I mean really, can this story get any funnier. Just ask the Slashdotters :D
http://linux.slashdot.org/story/10/02/22/0537232/Chuck-Norris-Attacks-Linux-Based-Routers-Modems

You're right


There is no password behind Chuck Norris' router, there is only another fist.

Merged two Chuck Norris threads.