- NG Firewall
- Solutions by Industry
- Solutions by Issue
The key with this is it's older firmwares of the older airmax stuff, and still relys on default credentials. AKA, if you get it, y ou deserve it.
Yup, 'best practice' should prevent this kind of thing.
I still wonder about Android, though.
Unifi users just need to make sure they're running the most recent controller and firmware, then go into settings -> site, and make sure the device authentication fields aren't using ubnt, or root as a username, and stuff in a decent password.
Interesting... I read both links, and no mention of "Android"....
The folks that get hit with this are the lazy ones. If you do not care enough to immediately and execute some basic best practices then you get what is deserved. The firmware has been updated so it is up to admins to install it.
I see, I guess this guy read between the lines, I dunno:
I don't have much control of passwords or updates on those things.ICS-CERT provides the following summary of the two BrickerBot versions (BrickerBot 1 affects Ubiquiti devices and BrickerBot 2 affects Android devices):
TLDR is as Hescominsoon suggests, if you configure your crap properly you're fine. People that expose the SSH of a Unifi WAP to the world are just as ignorant as those that open SSH on Untangle to the world.
Set a strong password, and keep things inside. If you're really paranoid you use VLANs to isolate the WAPs into their own IP network so network clients cannot see them either.