[Novalug] linux issues
Derek LaHousse
dlahouss@mtu.edu
Fri Aug 12 11:42:17 EDT 2016
On Fri, Aug 12, 2016 at 11:32 AM, Ed James via Novalug
<novalug@firemountain.net> wrote:
> Could you (or anyone else) gimme a link to something that explains exactly
> what this security hole is *as it pertains to my router*?
Here's a site that catalogs lots of problems with SOHO routers:
http://routersecurity.org/bugs.php
If an attacker can run code on your router, then your router can
become part of a botnet. If your router becomes part of a botnet that
DDoS'es a site I like to use, then your crap router is a problem for
me.
With such features as WebSockets now in browsers, it is possible for
an "internal-only" attack to be performed because you visited a
compromised site. Hooray for arbitrary code in browsers with network
access.
I suggest OpenWRT because it at least sees updates, something the
router vendors do not bother with. PFSense may be more secure.
More information about the Novalug
mailing list