Including "running Tomato" is a great step. Too often, these warnings, which a great deal of the time are only relevant to machines running Windows, do not include "running X" in the title, so everyone, even those not running X, have to read the article to ensure they're not vulnerable. I believe journalistic integrity demands that the OS/App/whatever appear in the title.
How big a group of routers is this? How does one get smart enough to go into the advanced options to enable remote administration, but not smart enough to set the root password first?
I partially blame Tomato for this. It shouldn't allow you to enable remote admin until you've changed the passwords.
Shodan returns some 5100 Tomato servers, with about 1500 running web services (presumably the remote administration). I would bet that a fair number of those 1500 servers (maybe 10%?) have the default password, but I'm not going to check.
5 comments
[ 0.24 ms ] story [ 17.3 ms ] threadI partially blame Tomato for this. It shouldn't allow you to enable remote admin until you've changed the passwords.
(Are routers pre-loaded with Tomato being sold to naive people somewhere?)