[Novalug] linux issues

Derek LaHousse dlahouss@mtu.edu
Fri Aug 12 11:42:17 EDT 2016


On Fri, Aug 12, 2016 at 11:32 AM, Ed James via Novalug
<novalug@firemountain.net> wrote:
> Could you (or anyone else) gimme a link to something that explains exactly
> what this security hole is *as it pertains to my router*?

Here's a site that catalogs lots of problems with SOHO routers:
http://routersecurity.org/bugs.php

If an attacker can run code on your router, then your router can
become part of a botnet.  If your router becomes part of a botnet that
DDoS'es a site I like to use, then your crap router is a problem for
me.

With such features as WebSockets now in browsers, it is possible for
an "internal-only" attack to be performed because you visited a
compromised site.  Hooray for arbitrary code in browsers with network
access.


I suggest OpenWRT because it at least sees updates, something the
router vendors do not bother with.  PFSense may be more secure.



More information about the Novalug mailing list