Hi folks, we're running some tests on our Up 2 mini. Possible infection or botnet recruitment, device appears to be port scanning our network. We've powered the unit down and will be testing it Monday.
If I read the initial capture report right, the device is announcing an all-zeros Mac addrress, and port scanning all devices on the local LAN with three 222 byte packets.
Just wondered if anyone else has seen or noticed this yet, especially if there's a patch for it.
With Mirai and now Brickerbot nets propogating IoT's like this now (https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-102-01), can't be too careful. We're powered down for Easter, more forensics work on it Monday.
Support for UP mini 2. To report a bug, post with a title [BUG REPORT]. To request a feature, post with a title [FEATURE REQUEST]
1 post •Page 1 of 1