brent timothy saner on 24 Mar 2009 18:35:39 -0700
Brian Vagnoni wrote:
> (snip)
> Might be advisable to check your devices and re-flash with known good firmware.
> (quote begins)
__________________________________

You are only vulnerable if:

* Your device is a mipsel device.
* Your device has telnet, SSH or web-based interfaces available to the WAN
* Your username and password combinations are weak, OR the daemons that your firmware uses are exploitable.

...

Vulnerable devices

* any linux mipsel routing device that has the router administration interface or sshd or telnetd in a DMZ, which has weak username/passwords (including openwrt/dd-wrt devices).
* possibly others
___________________________________
(quote ends)

1. the device never left my LAN; it was only given a route out, no WAN routes in (except over my VPN)
2. moderately strong password on it and i've firewalled off ssh access from anything but the VPN and LAN (this was before it even was given access to the WAN)

in short, don't worry about connecting to it for the demo as i've secured it inside a sterile environment beforehand. i already planned on covering security lockdown methods for it (openWRT), and i'll be briefly mentioning this worm since it's seen some widespread propagation recently.

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug