Supposedly hackers using edge routers?
1 Like
You get an early peek at my thoughts on this:
1 Like
I feel the same as Willie…
I’m sure if I found out the FBI was inside my router “patching” things, it would definitely get a factory reset, and a fresh start, even though I would hate to do that, there’s a lot of configurations that have to be done from the command line…
1 Like
I think the article should be rewritten to let people know that Ubiquiti doesn’t ship the routers like this. A story like this could have unintended (or intended) consequences on the company stock price and public trust. Anyone who uses EdgeRouters know that the OOB (out of box) experience is nothing like they are suggesting with Ubiquiti EdgeRouters.
I have a few thoughts on this.
My first thought is what is the vulnerability that they’re using to get through?
Are other people actually configuring their firewalls or the routers properly? (Willie helped me harden my router by not being able to access the interface from the outside IP and inside public vlan, it can only be accessed from the management vlan)
I’m sure the edge router is not the only router out there that has some sort of vulnerability that these people are using for their botnets specifically Netgear Linksys and other home routers that to me have weak security.
At least in a wisp environment there’s double firewall which would first be the edge router and then be the client’s router.
This article should have never been put out. This article should have been sent to ubiquity for them to deal with specifically to make changes in the firmware and then let them put out a bulletin to their users.
I don’t agree with the FBI or any other three lettered agencies being able to penetrate your router and make changes without your knowing.
And my ER4 went up in smoke this morning…
Willie: I VERY much liked your excellent video on this. My first Edgerouter is old now (2018-January), but my out-of-box experience was exactly as you described. I ran the wizard and set passwords and have kept it patched since. A newer ER-X (2021) was exactly the same.
Perhaps, as you noted, some ISP is pre-configuring devices and shipping to clients, but that dumb move couldn’t be blamed on Ubiquiti.
1 Like
Hopefully it is just a bad power brick. Those fail from deteriorating caps long before they should. They are easy to replace. Hope you are lucky.