Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chuck Norris Botnet


  • Please log in to reply
9 replies to this topic

#1 CCRN396

CCRN396

  • Members
  • 505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:11 AM

Posted 21 February 2010 - 12:00 PM

Security experts say that various types of botnets have infected millions of computers worldwide to date, but Chuck Norris is unusual in that it infects DSL modems and routers rather than PCs.


Full Article: http://www.computerworld.com/s/article/915...d?taxonomyId=17

BC AdBot (Login to Remove)

 


#2 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:10:11 AM

Posted 22 February 2010 - 09:56 AM

Simply switch off the router and then turn it back on, and poof it goes.

Posted Image

#3 CCRN396

CCRN396
  • Topic Starter

  • Members
  • 505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:11 AM

Posted 22 February 2010 - 11:02 AM

@ Romeo29: How entertaining & educational at the same time :thumbsup:

#4 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:11 AM

Posted 22 February 2010 - 09:39 PM

Romeo29 is that really all it takes is to turn off the modem. I turn mine off every time I turn off the computer. I don't think there is a way of scanning a modem or is there.

#5 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:10:11 AM

Posted 23 February 2010 - 06:16 AM

Yes the Chuck Norris trojan stays inside the router RAM. So when you turn it off, the contents of RAM are destroyed and the trojan gets killed. However if it has made changes to the DNS servers (in some DSL routers) then you will have to revert changes manually.

The best defense against such trojan is to turn on NAT / Firewall in your DSL router. That way an outsider cannot have access to your DSL interface. See your router documentation for details.

To check if your DSL router ca be accessed from outside (and so is vulnerable to Chuck Norris attack) :
- Find out your IP address from http://www.whatismyip.com/
- Then goto http://www.dnstools.com/ . Put in your IP address and select Check port 80 and Click Go.

If you see server is down or Connection failed: Connection timed out be happy as your DSL router has no outside access.
If you see something like Connected successfully to port 80 then you are open to rest of world. Do not tell me your IP address. :thumbsup:

#6 samuel3

samuel3

  • Members
  • 2,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:11 PM

Posted 23 February 2010 - 01:27 PM

Checking Port 80...

Connection failed: Connection timed out


:D

#7 rms4evr

rms4evr

  • Members
  • 812 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:East Coast
  • Local time:11:11 AM

Posted 24 February 2010 - 12:17 AM

I was trying to think of something witty to say, but I can't think of anything right now. However, I do think this is kinda cool...as long as you're not infected. All hail Chuck Norris!!!

#8 Twin B

Twin B

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:08:11 AM

Posted 25 February 2010 - 10:24 PM

Yep. Compared to my defenses, Chuck is old and weak. yuk yuk. Stay Cool.

Edited by Twin B, 25 February 2010 - 10:25 PM.

I've learned blood is not thicker than money. 

 


#9 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:11 AM

Posted 27 February 2010 - 11:44 AM

I get back
174 resolves to h44.dynamic.ip.windstream.net

Domain Whois Results:

Not Found: extension =
I took out most of the I.P. addresses is Not Found: extension good.

#10 carri

carri

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Yorkshire, England
  • Local time:04:11 PM

Posted 28 February 2010 - 01:49 PM

Glad to say I got back 'Checking Port 80...

Connection failed: Connection timed out' I actually do have a router security checker which checks the router every time the pc is switched on. It also has some features that i think I need to revisit following reading that article. Food for thought! Thanks for the topic CCrn396 :thumbsup:
Posted Image
Hug someone today and get on their nerves!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users