Linksys WRT54g/GS

Imagine this, you are downloading some torrents (Open Source or Independent of course :p), and all of a sudden your Linksys router crashes and has to be rebooted. You wonder why this happens? I will tell you why, using the Linksys provided firmware the router caches the connection stats for 500 connections, eventually using torrents will cause the router to overload from all of the connections. Whats the soution to the problem you ask? Theres a distro of linux designed to run on certain routers. This distro is named DDWRT.

In January 2008, I wrote two articles (Jan. 3, 2008 & Jan. 15, 2008)  about an computer virus infection vector that almost no one else had looked at.   Except William Pitcock over at Dereferenced Technologies.  And the Indiana University Students who wrote about Wifi Epidemiology.

This week, eWeek’s Larry Seltzer brings us the story of the first implementation of these ideas, in his story The First Linux Botnet, which is titled to spread maximum fear.  Specifically, it appears that the psyb0t worm attacks not only a long list of linux embedded devices, but also attacks routers running VxWorks based firmware, as well.

I will start off by saying, I was once a beta tester for Microsoft with a project known as Longhorn (Vista is what its now known by). I will also start off by saying that had it stayed the way it was and not undergone the swift lobotomy that Microsoft imposed on it, it would have been a truly revolutionary operating system.

That being said I am not a Windows user.

I am happy to proclaim that I am a Mac OS and Linux user. My main machine is a happy little Macbook running OS X Leopard, it is a fantastic little machine and is quite capable of do anything I need it to do, be it video editing or building the latest add-on for All That’s Evil or any of the many other sites I work on.

I admit.

I’m young, but I’ve been around desktop computers since their inception, almost 20 years ago.

Unlike the generation after me, I witnessed the development of many technologies that they take for granted. It’s not that they don’t care, but ignorance is bliss, as they say.

I remember when the 486 Hz processor was the thing, and your family must have money to blow if your home had a computer - let alone one with 50 megabytes of hard disk space. When Intel released the Pentium line of processors, the world marveled.

While a lot of big computer advances were rocking the visible market, Microsoft was coding Windows 95.

But when it came out, it changed the face of PC computing forever.

Even the newest release of Microsoft’s popular Windows operating system, Vista, still has a lot of the same design ideas from the 95 release.

Amazing, isn’t it?

Around the start of the year, I wrote an article about invisibly infecting wifi and other routers.

In that article, I reflected on some research that came out of Indiana University about router-to-router virus infections.

I mentioned that the simple router-to-router case was possible, but that we’d sooner see a mixed mode attack, code that infected a PC, then took over your wifi or other router.

I pointed out that the flood of financial and personal data would be the payoff in this scenario, as most people would never know that their router had been compromised, until it was too late.

  

 

 

The Latest Viral Threat?

I was reading a research paper some students from Indiana University had done this summer on what they called WiFi Epidemiology which made some interesting points.

First, they pointed out that the WiFi infrastructure around us is approaching a critical mass, where in some places, WiFi hotspots overlap to a degree sufficient to allow intercommunication.

Second, they suggested that malware and virus writers may soon begin to target WiFi routers, as the WiFi infrastructure has several very attractive characteristics, like carrying all that potentially information laden net traffic.

Steven Vaughan-Nichols over at Desktop Linux.com did a write up on the Smallest Linux PCs he’s been able to find, and looking at the machines he’s talking about, I’ve got to say that some of them have (ahem) interesting possible uses.

Take the Data Evolution Corporation decTOP (man, it’s nice to see computing equipment with the DEC acronym, once again!), a $99 Linux running PC, with audio in/out, ethernet, video, and USB ports, that would make a most excellent network sniffing box, for deploying on a target network, capturing network traffic.

You’ve heard me mention the Thinkpad of All Evil. It’s a circa 2000 IBM Thinkpad, built like a tank, recently upgraded with an 80GB hard drive.

In its original incarnation, it ran Windows 98, and didn’t have what it took to play back AVI video. So, as a preliminary to actually upgrading the hard drive, I dropped a PCLinuxOS LiveCD into the drive, to determine how well the hardware would be detected, managed, and used by Linux.

Needless to say, the LiveCD detected the audio hardware, the USB, the PCMCIA, and the 802.11b WiFi card.