Hi folks, we're running some tests on our Up 2 mini. Possible infection or botnet recruitment, device appears to be port scanning our network. We've powered the unit down and will be testing it Monday.
If I read the initial capture report right, the device is announcing an all-zeros Mac addrress, and port scanning all devices on the local LAN with three 222 byte packets.
Just wondered if anyone else has seen or noticed this yet, especially if there's a patch for it.
With Mirai and now Brickerbot nets propogating IoT's like this now (https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-102-01), can't be too careful. We're powered down for Easter, more forensics work on it Monday.
Marc
Possible security issue
Support for UP mini 2. To report a bug, post with a title [BUG REPORT]. To request a feature, post with a title [FEATURE REQUEST]
Jump to
- Tiertime's Forum
- ↳ Official Announcement
- Tiertime's Community
- ↳ General Discussion
- ↳ New Uppers
- ↳ Coffee Place
- ↳ UP300
- ↳ UP mini 2 ES
- ↳ UP BOX & UP BOX+
- ↳ UP mini 2
- ↳ Cetus
- ↳ X5
- ↳ Look! My Mod
- ↳ Projects and Models
- ↳ Other 3D Printing Topics
- ↳ Marketplace
- Support
- ↳ UP mini 2 ES
- ↳ UP BOX & UP BOX+
- ↳ UP mini 2
- ↳ UP300
- ↳ X5
- ↳ Cetus
- ↳ UP Plus
- ↳ UP mini
- ↳ UP Software
- ↳ Buying
- ↳ Website and Forum
- Tiertime 3D Printer User Groups
- ↳ Request a Local UP User Group
- ↳ Germany
- ↳ Netherlands
- ↳ Australia+New Zealand
- ↳ UK + Ireland
- ↳ USA - New York
- ↳ USA - California
- ↳ USA - Texas
- ↳ Turkey
- ↳ France
- ↳ Nordic Countries
- ↳ Italy
- ↳ Japan
- ↳ Spanish Speaking
- ↳ Czech and Slovak
- ↳ Singapore
- Tiertime 3D Printer
- ↳ General
- ↳ UPers
- ↳ Models