[PLUG] How to confirm my router is safe
Russell Senior
russell at personaltelco.net
Tue Apr 24 22:16:21 UTC 2018
https://www.us-cert.gov/ncas/alerts/TA18-106A
There is some discussion of SOHO routers but none of the vulnerabilities
mentioned apply to you. They mention:
Telnet (typically Transmission Control Protocol (TCP) port 23, but
traffic can be directed to a wide range of TCP ports such as 80, 8080,
etc.),
Hypertext Transport Protocol (HTTP, port 80),
Simple Network Management Protocol (SNMP, ports 161/162), and
Cisco Smart Install (SMI port 4786).
None of those are accessible remotely on a stock OpenWrt firmware.
On Tue, Apr 24, 2018 at 2:38 PM, Russell Senior <russell at personaltelco.net>
wrote:
> The NPR story is mostly regurgitated press release from scare mongers.
> The network infrastructure it looks like they are talking about is in the
> core of the internet, big cisco and juniper routers and the like. If
> anything, the NSA noticed because their surveillance tools are already
> embedded in those same routers, doing all the things they accuse others of
> doing. Most of the concern about home routers is about botnets, exploiting
> them for distributed denial of service attacks in particular. Good
> passwords, limiting inbound access are sensible steps. The threat from
> local attackers is much smaller, because it requires physical presence and
> doesn't scale nearly as well (too slow and uses too much gasoline).
>
> On Tue, Apr 24, 2018 at 2:27 PM, Russell Senior <russell at personaltelco.net
> > wrote:
>
>> Attitude Adjustment is pretty old. OpenWrt has a pretty good firewall by
>> default, so remote access should be difficult. You should take note of
>> which packages you have installed, backup your settings, and then you could
>> try installing this, the most recent release version:
>>
>> http://downloads.openwrt.org/releases/17.01.4/targets/ar71xx
>> /generic/lede-17.01.4-ar71xx-generic-wzr-600dhp-squashfs-sysupgrade.bin
>>
>> Development is currently converging on a new release (hopefully in the
>> next month or so, but I'd wait on that).
>>
>> On Tue, Apr 24, 2018 at 2:12 PM, Dick Steffens <dick at dicksteffens.com>
>> wrote:
>>
>>> OPB has an article about router vulnerability.
>>>
>>> https://www.opb.org/news/article/npr-sounding-the-alarm-abou
>>> t-a-new-russian-cyber-threat/
>>>
>>> It recommends following your router manufacturer's guidance on making
>>> sure the router is secure. It doesn't say specifically what to search for.
>>> I have a Buffalo WZR-600DHP running OpenWrt LuCI, Attitude Adjustment
>>> 12.09. What foo should I use to determine what version of firmware I should
>>> be running to be reasonably secure?
>>>
>>> --
>>> Regards,
>>>
>>> Dick Steffens
>>>
>>> _______________________________________________
>>> PLUG mailing list
>>> PLUG at pdxlinux.org
>>> http://lists.pdxlinux.org/mailman/listinfo/plug
>>>
>>
>>
>
More information about the PLUG
mailing list