Backdoors in RuggedCom Networking Equipment

May 11th, 2012

Via: Wired:

A Canadian company that makes equipment and software for critical industrial control systems planted a backdoor login account in its flagship operating system, according to a security researcher, potentially allowing attackers to access the devices online.

The backdoor, which cannot be disabled, is found in all versions of the Rugged Operating System made by RuggedCom, according to independent researcher Justin W. Clarke, who works in the energy sector. The login credentials for the backdoor include a static username, “factory,” that was assigned by the vendor and can’t be changed by customers, and a dynamically generated password that is based on the individual MAC address, or media access control address, for any specific device.

Attackers can uncover the password for a device simply by inserting the MAC address, if known, into a simple Perl script that Clarke wrote. MAC addresses for some devices can be learned by doing a search with SHODAN, a search tool that allows users to find internet-connected devices, such as industrial control systems and their components, using simple search terms.

Clarke, who is based in San Francisco, says he discovered the backdoor after purchasing two used RuggedCom devices – an RS900 switch and an RS400 serial server – on eBay for less than $100 and examining the firmware installed on them.

Clarke said the equipment had labels on them with French writing that made it appear they had been used for a substation at a utility in Canada.

RuggedCom switches and servers are used in “mission-critical” communication networks that operate power grids and railway and traffic control systems as well as manufacturing facilities. RuggedCom asserts on its website that its products are “the product of choice for high-reliability, high-availability, mission-critical communications networks deployed in harsh environments around the world.”

Clarke says he notified RuggedCom about his discovery in April 2011 and says the representative he spoke with acknowledged the existence of the backdoor.

“They knew it was there,” he told Threat Level. “They stopped communicating with me after that.”

Research Credit: anchoviesmegma
