[Cialug] DD-WRT (and others) Risk

David Champion dchamp1337 at gmail.com
Thu Dec 23 14:37:52 CST 2010


Am I correct that this is only a problem if you're doing remote
administration via HTTPS?

For instance, I have a dd-wrt router at home, but it is only accessible via
http on the internal ports.

-dc

On Thu, Dec 23, 2010 at 1:23 PM, Barry Von Ahsen <barry at vonahsen.com> wrote:

> you can download the code here:
>
> http://code.google.com/p/littleblackbox/
>
> then it's in an sqlite db file in bin - it's mostly DD-WRT
>
> "Cisco","6"
> "D-Link","4"
> "DD-WRT","6524"
> "Linksys","16"
> "Netgear","2"
>
> vendors and models posted here:
>
> http://pastebin.com/cbhUZ7HZ
>
> vendors and firmware here:
>
> http://pastebin.com/uyzjh4yw
>
> -barry
>
> Nathan C. Smith wrote:
> > Josh,
> >
> > thanks for pointing this out.  Is there a plain listing of suspect manufacturers/devices somewhere?
> >
> > -Nate
> >
> > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf Of Josh More
> > Sent: Thursday, December 23, 2010 10:09 AM
> > To: cialug at cialug.org
> > Subject: [Cialug] DD-WRT (and others) Risk
> >
> > Since we still have a list right now, and since I know that tomorrow is a down day for everyone with no obligations other than reading and responding to security threats, I thought I'd share this link:
> > http://seclists.org/fulldisclosure/2010/Dec/492
> >
> > Nutshell version:  If you're running DD-WRT, you might want to roll your own self-signed cert.  If you're running one of the others in the DB, you're probably out of luck.  If you typically have to analyze SSL traffic for fun or profit, merry Christmas.
> >
> >
> > Josh More | Senior Security Consultant - CISSP, GIAC-GSLC, GIAC-GCIH
> > Alliance Technologies | www.AllianceTechnologies.net<http://www.alliancetechnologies.net>
> > 400 Locust St., Suite 840 | Des Moines, IA 50309
> > 515.245.7701 | 888.387.5670 x7701
> >
> > Santa is Secure.  Are you?
> > http://www.alliancetechnologies.net/security/santa-2010
> >
> > How are we doing? Let us know here:
> > http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug