One of my Netonix switches (WS-8) on ver: 1.5.16 had its webserver "seized" by the FBI (see attached image). It is claiming that the device is acting as a 'DDoS-for-hire service'.
I went to access the webserver to program the unit and instead I was presented with the attached image.
The link embedded in the image is legit (https://www.fbi.gov/contact-us/field-of ... os-attacks).
This is VERY worrisome. How did my device get compromised so that the webpage was re-written? And, why does the FBI think it is being used for DDoS?
I have pulled the device from production and accessed it directly from my laptop (nothing else plugged in) and I get the same message. So, this is not a re-direct. Somebody actually got access to the underlying webserver and rewrote the default index.html page. If I go to main.html, or index.php, I get the correct login screen.
I have not factory defaulted the device to see if that fixes the issue. I want to see if there is anything that can be gleamed from its current state.
The switch still works.
Please advise what needs to be done.
Netonix "Seized" by FBI
-
sirhc - Employee
- Posts: 7414
- Joined: Tue Apr 08, 2014 3:48 pm
- Location: Lancaster, PA
- Has thanked: 1608 times
- Been thanked: 1325 times
Re: Netonix "Seized" by FBI
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
2 posts
Page 1 of 1
Who is online
Users browsing this forum: No registered users and 9 guests