Your browser is obsolete!

The page may not load correctly.

Unexpected guests

Незваные гости

Other issues in this category (70)
  • add to favourites
    Add to Bookmarks

Seeing green?

Read: 2776 Comments: 2 Rating: 7

Thursday, March 7, 2019

Some people believe that the grass is always greener elsewhere, in some other country. And many people in Russia (and, perhaps, other countries too) are certain that things are very bad where they are. Look at how other countries care about their users and protect them!

But is that really so?

I scanned all of Austria

You'll probably ask: how did you get all the country’s IP addresses?

Well, this is not hard to do. No country generates IP addresses as it sees fit. Instead, addresses are assigned by a central authority. That means that complete lists of addresses exist for each country.

Anyone can download these lists. Enter grep Austria IP2LOCATION-LITE-DB1.CSV > austria.csv, and run this simple script to convert the list into the format we need.

https://habr.com/ru/post/440976

Let's get started.

Of course, no system administrator will leave their Windows SMB ports readily accessible over the Internet, right?

masscan -p445 --rate 300 -iL austria.ips -oG austria.445.scan && cat austria.445.scan | wc -l

We found 1,273 completely exposed Windows hosts.

That's out of 11 million IPv4 addresses. Not too many, but still.

Web servers

The country has 17,392 operational web servers.

Apache is the most popular one (judging by the replies containing the Server header). The oldest Apache version I found was Apache 1.3.12, which was released in 2012, and it was running on a Windows server machine. A double nightmare.

I also discovered four servers under Windows CE. That system was released in 1996, and its support was discontinued in 2013.

Those were devices of various types. We have already mentioned that attackers may target printers.

I found nine HP printers without logins, fully accessible over the Internet. They weren't password-protected, and I could make them print documents.

As many as 300 IP cameras weren't password-protected either. If you are interested, you can find them here.

And, to boot, here is a readily accessible control panel for a water treatment plant.

#drweb

https://habr.com/ru/post/440976

We don't even want to ponder how this information can be used by criminals or online pranksters if it ever falls into their hands.

#anti-virus #peripheral #server

The Anti-virus Times recommends

In terms of information security, Austria is doing reasonably well. The number of vulnerable systems is small, but users should never lower their guard, even there. Having a competent system administrator on staff who can deploy and configure an anti-virus security solution in a corporate network infrastructure is essential for the security of any business—and, of course, not only in Austria.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments

Comments to other issues | My comments