[caiu] RES: Virus UBNT

Diego Canton de Brito diegocanton em ensite.com.br
Seg Maio 16 21:52:30 BRT 2016 

Estou tentando implementar isso. 

https://github.com/diegocanton/remove_ubnt_mf 

Se tudo der certo ele vai remover o vírus, alterar a porta de gerencia
para 81 e atualizar. 

Sinta-se livre para altera-lo. 

Em 2016-05-16 21:43, marcio petarnella escreveu:

> Algum script q verifica a versão se xm ou xw e faz a atualização automática
> ?
> Em 16/05/2016 9:08 PM, "Geeek Masters" <rgeeek em gmail.com> escreveu:
> 
> [image: Ubiquiti Networks]
> <
> http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=e0bce9c5c5&e=fca1226044BROADBAND
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=d98a23213c&e=fca1226044ENTERPRISE
> <
> http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=1c98dce54c&e=fca1226044PRODUCTS
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=a326d664b7&e=fca1226044SUPPORT
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=2230187878&e=fca1226044BUY
> <
> http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=1ac11f1e55&e=fca1226044  IMPORTANT
> What We Know
> 
> In recent days, we've seen virus activity taking network devices offline.
> In most cases, devices are reset to factory defaults. In other cases,
> devices are still operational, but inaccessible. The virus is using an
> HTTP/HTTPS exploit that doesn't require authentication. Simply having a
> radio with out-of-date firmware and having its HTTP (port 80)/HTTPS (port
> 443) interface exposed to the Internet is enough to get infected.
> Checking Your Devices
> 
> Devices running the following firmware are *NOT* affected:
> 
> Ensure the Safety of Your Devices
> 
> Ubiquiti takes these threats seriously and has created a patch and an
> Android app to diagnose and fix the problem. To check your devices and
> remove the virus, please use *the removal tool*
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=4444e56b2c&e=fca1226044.
> 
> Note: The tool has the ability to upgrade airMAX M series devices to
> airOS(R) v5.6.5,
> which completely disables custom script usage.
> If a device is inaccessible, TFTP recovery will be required to reset it to
> factory defaults.
> 
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=821cdb27dc&e=fca1226044
> For further discussions, check our *community page *
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=da02fcd1ca&e=fca1226044or contact our *support team
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=8a12f2fc13&e=fca1226044 * .
> Copyright (c) 2016, Ubiquiti Networks, Inc. All Rights Reserved.
> Ubiquiti Networks 2580 Orchard Parkway San Jose, CA 95131 USA
> 
> Share this on:
> <
> http://www.facebook.com/share.php?u=http%3A%2F%2Fus8.campaign-archive2.com%2F%3Fu%3Dbc856e62a9254399365d0277b%26id%3Dd674aca0a1&t=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software<
> http://twitter.com/intent/tweet?text=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software%20-%20http%3A%2F%2Feepurl.com%2Fb10cX1<
> http://www.linkedin.com/shareArticle?mini=true&url=http%3A%2F%2Fus8.campaign-archive1.com%2F%3Fu%3Dbc856e62a9254399365d0277b%26id%3Dd674aca0a1&title=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software<
> http://us8.forward-to-friend.com/forward?u=bc856e62a9254399365d0277b&id=d674aca0a1&e=fca1226044Unsubscribe
> <
> http://ubnt.us8.list-manage.com/unsubscribe?u=bc856e62a9254399365d0277b&id=1c1b02cb37&e=fca1226044&c=d674aca0a1   |    Update Preferences
> <
> http://ubnt.us8.list-manage2.com/profile?u=bc856e62a9254399365d0277b&id=1c1b02cb37&e=fca1226044   |    View in browser
> <
> http://us8.campaign-archive2.com/?u=bc856e62a9254399365d0277b&id=d674aca0a1&e=fca1226044
> Follow: Facebook
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=e7237e0c93&e=fca1226044   |    Twitter
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=7e60518caa&e=fca1226044   |    YouTube
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=f50704a90c&e=fca1226044
> <
> http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=f36406c247&e=fca1226044
> Em 16 de maio de 2016 15:56, Lucas Fernandes <lucas em jotaftelecom.com.br>
> escreveu:
> 
> SSH
> 
> touch /etc/persistent/ ct
> 
> Só isso ja volta o complience test
> 
> Obrigado
> Atenciosamente,
> 
> JotaF.Telecom
> 
> *Lucas Fernandes*
> Gerente de Redes
> 
> *T: *19 3913-9797 *C: *19 9 7163-3676
> www.jotaftelecom.com.br [1]
> 
> JotaF.Telecom
> 
> Em 16/05/2016 15:52, Alexandre Silva Nano escreveu:
> 
> Em 16 de maio de 2016 15:37, Rogerio Alves <rogerioapedroso em gmail.com>
> escreveu:
> 
> Venho aqui agradecer ao Alexandre J. Correa, pois graças ao esforço  e inteligência dele, estou conseguindo dar uma organizada na bagunça que
 a 

> UBNT fez e não conseguiu ao menos fazer uma ferramenta que preste!
> 
> Show de bola! Gostei também do script! 
> Agora, Alexandre. Quem utiliza Compliance Test, como faz pra continuar a
> utilizar? Se atualizar para a versão que você colocou no script, o CT
 será 

>> inibido.
> _______________________________________________
> caiu mailing list
> caiu em eng.registro.br
> https://eng.registro.br/mailman/listinfo/caiu
> 
> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> 
> https://eng.registro.br/mailman/options/caiu

--

<
https://ubnt.zendesk.com/attachments/token/cSQI60Oj1xSqnAmT4s2bmyCXj/?name=Rodrigo+Gregorio+C.+de+Paula+%28Geeek%29.pdf


> [image:
 IPV6 Ready?] <http://geeekzone.com/>[image: IPV6 Ready?]
<https://ipv6.he.net/certification/scoresheet.php?pass_name=Geeek>
_______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu

--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:

https://eng.registro.br/mailman/options/caiu
 _______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu

--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:

https://eng.registro.br/mailman/options/caiu 

Links:
------
[1] http://www.jotaftelecom.com.br

Mais detalhes sobre a lista de discussão caiu