[Cialug] DD-WRT (and others) Risk
Nathan C. Smith
nathan.smith at ipmvs.com
Thu Dec 23 10:24:04 CST 2010
Josh,
thanks for pointing this out. Is there a plain listing of suspect manufacturers/devices somewhere?
-Nate
From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf Of Josh More
Sent: Thursday, December 23, 2010 10:09 AM
To: cialug at cialug.org
Subject: [Cialug] DD-WRT (and others) Risk
Since we still have a list right now, and since I know that tomorrow is a down day for everyone with no obligations other than reading and responding to security threats, I thought I'd share this link: http://seclists.org/fulldisclosure/2010/Dec/492
Nutshell version: If you're running DD-WRT, you might want to roll your own self-signed cert. If you're running one of the others in the DB, you're probably out of luck. If you typically have to analyze SSL traffic for fun or profit, merry Christmas.
Josh More | Senior Security Consultant - CISSP, GIAC-GSLC, GIAC-GCIH
Alliance Technologies | www.AllianceTechnologies.net<http://www.alliancetechnologies.net>
400 Locust St., Suite 840 | Des Moines, IA 50309
515.245.7701 | 888.387.5670 x7701
Santa is Secure. Are you?
http://www.alliancetechnologies.net/security/santa-2010
How are we doing? Let us know here:
http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20101223/8dd0f9cc/attachment-0001.htm
More information about the Cialug
mailing list