Scans for Zyxel Backdoors Are Commencing

The IP&#x27;s they list on that page are all listed in the netset&#x2F;ipset files at firehol&#x27;s ip blocklist [1] They are just open proxies. These files are explained on firehol&#x27;s site. [2] Make sure your home routers admin interface is only listening on the LAN and not the WAN interface, as blocking scanners is an endless game of whack-a-mole. Another option to consider would be installing OpenWRT if your router model supports it. [3]<p>Example:<p><pre><code> grep -E &quot;45.155.205.86&quot; *.ipset bi_any_0_1d.ipset:45.155.205.86 bi_badbots_0_1d.ipset:45.155.205.86 bi_bruteforce_0_1d.ipset:45.155.205.86 bi_ssh-ddos_0_1d.ipset:45.155.205.86 bi_ssh_0_1d.ipset:45.155.205.86 bi_sshd_0_1d.ipset:45.155.205.86 blocklist_de.ipset:45.155.205.86 blocklist_de_ssh.ipset:45.155.205.86 blocklist_de_strongips.ipset:45.155.205.86 bruteforceblocker.ipset:45.155.205.86 et_compromised.ipset:45.155.205.86 greensnow.ipset:45.155.205.86 haley_ssh.ipset:45.155.205.86 </code></pre> [1] - <a href="https:&#x2F;&#x2F;github.com&#x2F;firehol&#x2F;blocklist-ipsets.git" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;firehol&#x2F;blocklist-ipsets.git</a><p>[2] - <a href="http:&#x2F;&#x2F;iplists.firehol.org&#x2F;" rel="nofollow">http:&#x2F;&#x2F;iplists.firehol.org&#x2F;</a><p>[3] - <a href="https:&#x2F;&#x2F;openwrt.org&#x2F;toh&#x2F;hwdata&#x2F;zyxel&#x2F;start" rel="nofollow">https:&#x2F;&#x2F;openwrt.org&#x2F;toh&#x2F;hwdata&#x2F;zyxel&#x2F;start</a>