[Cialug] ISPs and patching routers

James Shoemaker james at dhlake.com
Tue Oct 2 11:19:29 CDT 2012


   Back when I had an IP address and could do such things (!@#$!@##$ 
NAT) I just had the ssh port open and tunneled anything unusual I wanted.
> I believe dd-wrt has WAN management disabled by default.  I haven't gotten
> around to setting up OpenVPN either, which would be a more ideal solution,
> so I'm using an open wan management on an non-default port for convenience.
>
> On Tue, Oct 2, 2012 at 10:00 AM, Barry Von Ahsen<barry at vonahsen.com>  wrote:
>
>    
>> is there an option to not allow management from WAN?
>>
>> or is this in addition to that?
>>
>>
>> -barry
>>
>>
>> On Oct 2, 2012, at 9:42 AM, Adam Hill wrote:
>>
>>      
>>> One of my benched side projects is setting up knockd (port knocker) on my
>>> dd-wrt router so I don't have to leave it's web interface open to be
>>>        
>> found
>>      
>>> by port scanners and can open port forwards by port knocks.
>>>
>>> On Tue, Oct 2, 2012 at 9:12 AM, David Champion<dchamp1337 at gmail.com>
>>>        
>> wrote:
>>      
>>>        
>>>> dd-wrt / openwrt are one of the targets of this attack as well. If
>>>>          
>> you're
>>      
>>>> not up to date, or haven't configured it correctly, you may have
>>>>          
>> problems.
>>      
>>>> -dc
>>>>
>>>> On Tue, Oct 2, 2012 at 9:08 AM, Nathan C. Smith<nathan.smith at ipmvs.com
>>>>          
>>>>> wrote:
>>>>>            
>>>>          
>>>>> Here is a related article:
>>>>>
>>>>>
>>>>>
>>>>>            
>>>>          
>> https://www.securelist.com/en/blog/208193852/The_tale_of_one_thousand_and_one_DSL_modems
>>      
>>>>> This one makes it sound like an A-V company was having trouble
>>>>>            
>>>> determining
>>>>          
>>>>> how the computer was being manipulated and redirected because it was
>>>>>            
>>>> being
>>>>          
>>>>> done outside the computer through the DSL modem.
>>>>>
>>>>> May you live in interesting times.
>>>>>
>>>>> -Nate
>>>>>
>>>>> -----Original Message-----
>>>>> From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
>>>>> Behalf Of Josh More
>>>>> Sent: Tuesday, October 02, 2012 8:53 AM
>>>>> To: Central Iowa Linux Users Group
>>>>> Subject: [Cialug] ISPs and patching routers
>>>>>
>>>>> Looks like the router attack we've long known was possible is now
>>>>>            
>>>> actually
>>>>          
>>>>> being used.
>>>>>
>>>>> This would be a good time to move friends and family over to openwrt or
>>>>> ddwrt.  (Or an ISP that takes responsibility for security.)
>>>>>
>>>>> Details are here:
>>>>>
>>>>>
>>>>>            
>>>>          
>> http://arstechnica.com/security/2012/10/dsl-modem-hack-infects-millions-with-malware/
>>      
>>>>>
>>>>> -Josh
>>>>> _______________________________________________
>>>>> Cialug mailing list
>>>>> Cialug at cialug.org
>>>>> http://cialug.org/mailman/listinfo/cialug
>>>>> _______________________________________________
>>>>> Cialug mailing list
>>>>> Cialug at cialug.org
>>>>> http://cialug.org/mailman/listinfo/cialug
>>>>>
>>>>>            
>>>> _______________________________________________
>>>> Cialug mailing list
>>>> Cialug at cialug.org
>>>> http://cialug.org/mailman/listinfo/cialug
>>>>
>>>>          
>>> _______________________________________________
>>> Cialug mailing list
>>> Cialug at cialug.org
>>> http://cialug.org/mailman/listinfo/cialug
>>>        
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>>
>>      
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>    



More information about the Cialug mailing list