Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Bug Security

Dear Asus Router User: All Your Cloud Are Belong To Us 148

New submitter Trax3001BBS writes "Ars is running an article about a vulnerability of Asus routers that are becoming very popular at the moment for connecting USB devices to the Internet. From the article: 'An Ars reader by the name of Jerry got a nasty surprise as he was browsing the contents of his external hard drive over the weekend — a mysterious text file warning him that he had been hacked thanks to a critical vulnerability in the Asus router he used ... The guerilla-style hacking disclosure comes eight months after a security researcher publicly disclosed the underlying vulnerability that exposed the hard drives of ... Asus router users. ... According to Lovett, the weakness affects a variety of Asus router models, including the RT-AC66R, RT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, and RT-N16R. Asus reportedly patched the vulnerabilities late last week...' And this old news, come new again: The Asuswrt Merlin ROM took care of this vulnerability months ago (defect #17)."
This discussion has been archived. No new comments can be posted.

Dear Asus Router User: All Your Cloud Are Belong To Us

Comments Filter:
  • by Anonymous Coward on Tuesday February 18, 2014 @12:06AM (#46273535)
    Just install DD WRT and have done with it.
    • Yep DD-WRT is on my RT-AC66U. Works brilliantly.

      • Watch out for SSL bugs in dd-wrt.

      • by AlphaWolf_HK ( 692722 ) on Tuesday February 18, 2014 @04:29AM (#46274211)

        I've got an RT-AC66U myself and honestly I like tomato (shibby version) a hell of a lot better for it. Multiple reasons, but the biggest include:

        The interface in DD-WRT is clunky; by that I mean they use a worse than MS Windows* style of individual fields for IP address octets so that you have to tab between fields instead of naturally typing it out in the dot notation like you do everywhere else; and if you change one setting that uses a refresh object it *very annoyingly* undoes any unsaved settings you may have made on that page. *(MS Windows is actually slightly better here because if you type in the dots it automatically moves to the next field, whereas DD-WRT does not, requiring you to tab instead, and if you make an error in a previous field you have to shift-tab and arrow to your mistake instead of simply hitting backspace.)

        Tomato has really nifty links for doing things quickly. A beautiful example is like giving a MAC address a sticky dynamic IP address just requires a click, typing the IP address and desired hostname (for local DNS resolution if you desire) and then clicking save. With DD-WRT you have to go through numerous steps just to type in the MAC address.

        DD-WRT's QoS functions, and its network monitoring and analysis functions are downright awful compared to tomato. Just straight up awful.

        DD-WRT deliberately cripples certain features unless you pay for them (such as its QoS features, which even the paid version is worse than what Tomato offers for free.)

        (Kind of hypocritical too because DD-WRT was originally built by a group that was tired of the Sveasoft guy hoarding his changes to the GPLed code to only those who paid him, but I don't count that against them because I'm more of a "I use what works" kind of guy.)

        Then again I'm a hobbyist when it comes to networks, so I might have more stringent demands than anybody else.

        • by TyFoN ( 12980 )

          Got to agree here, my N66U is flying with shibbys tomato.

          I can't really figure out why one would want to put hard drives on the edge device, but still the custom firmware is best.

          And the hardware of these devices are excellent :)

          • You might put a thumb drive in there to hold log files. I do this to track my bandwidth usage. Well no- I use the CIFS support in Tomato for that.

        • by AmiMoJo ( 196126 ) *

          I prefer Tomato too but what drove my to DD-WRT is a lack of hardware support. If you want a reasonably priced, reasonably fast router with 802.11ac support you can't run Tomato, which is a real shame.

          Fortunately QoS is irrelevant once your internet connection is fast enough (I'd say 100/100 or better), but unfortunately most people don't have that.

        • I installed Tomato once, went back to DD-WRT less than an hour latter.
          Tomato does some cool stuff, but its complete lack of pretty much every feature that DD-WRT has was a deal breaker.

          • Like what, specifically? Not doubting, just curious.
            • Only used it for half an hour, so all I remember is that I could not do anything that I wanted to do.

              • All I know about feature sets in tomato vs. dd-wrt is that when I followed the instructions on the dd-wrt website to do WDS on dd-wrt it didn't work, but the tomato instructions worked to get WDS working on tomato. Otherwise they seem to do all the same stuff.

              • I'm genuinely curious what features you're missing, because as far as I'm aware there aren't any that DD-WRT has and Tomato does not. Tomato even offers several features that DD-WRT does not. There was some paid hotspot service (e.g. you get commissioned or something) I recall DD-WRT including out of the box in some releases that Tomato didn't have, but if you really wanted that service (it has VERY limited use cases) you can add it to tomato rather easily using optware.

            • But basically what struck me was.
              DDWRT has like 40 option pages with like 40 options each, and a command line.
              Tomato has like 3 option pages with like 3 options each.

              • That description isn't accurate for either one, actually. DD-WRT has a lot of pages that just have a single option in them, and navigating among them requires an entire page reload (part of why the UI is really badly designed IMO.) For example, in DD-WRT there are two separate pages for configuration data (one for backup/restore, another for factory reset) whereas Tomato consolidates these into one page.

                If you want raw numbers, to my count (I have DD-WRT running on one of my switches, tomato running on two)

                • Well you make me want to try it again. All I know is I re-imaged it the very same day when I did give it a try, because I could not get it to do the same things.

    • No, not quite "have done with it." Keep it up to date as vulnerabilities are found and fixed, just like everything else.

    • Just install DD WRT and have done with it.

      +1 for this. Most of the cases DD-WRT is more secure and stable than the manufacturer-provided firmware.

      But still, these kind of community-built firmwares should not be required to have a good experience. As paying customers, we should demand high-quality firmware and consistent security updates directly from the manufacturer.

      • I used DD-WRT on my Linksys router and it was great. However, the ASUS RT-N16 stock firmware does everything I need out of the box. It's very stable and didn't have to reboot it so I'm not going to bother changing it. It would be nice to have info from ASUS on a fix.
        • by jiriw ( 444695 )

          My experience is, in general, Asus makes decent featurefull router firmwares. However, I like tinkering and moar ;) options so my RT-AC68U soon got DD-WRT on it and some custom scripts. Multiple WLan segments with their own SSID so I have a public and private channel, multiple VLAN segments, one for DMZ, one for local lan, one for 'experiments'. Everything with a proper IPTables script which runs at boot... Custom DNS lookup table. It's just fun to hack router.

          A clunky interface doesn't matter to me, as lon

        • If you like the Asus RT-N16, I don't recommend DD-WRT anyway. I have the same model and love how stable Tomato (Shibby build) is. The UI is very clean compared to DD-WRT, so you're not losing convenience for functionality. I also think the router is actually a bit faster on Tomato vs. stock. Then again - if you don't use the USB ports, you're not at risk anyway.

        • I switched to DD-WRT because I needed some logging information so I could tell which MAC addresses were using the most bandwidth. I got a notice from Cox that I had used more bandwidth than my plan allowed (although a bandwidth allowance was not discussed when I signed up), but I was not able to tell which computer was using all the bandwidth using the built in firmware.
          It turns out that it was the minecraft client that my daughter was playing. Apparently, minecraft client uses more bandwidth than streamin
    • by Algan ( 20532 )

      Actually Asus' firmware IS open source. GPL even. You can download the sources and play with them and improve them. Which is exactly what Merlin does.

    • I'm not sure why anyone would use the stock firmware. I use the RT-N16 with Tomato. It's the best router I've ever had. I hardly care that it doesn't have the 5GHz band, which would only reach the one room that doesn't have any wireless devices anyway.

      • by suutar ( 1860506 )
        I use the stock firmware because when I tried tomato it kept hanging and needing power cycling every couple of days. This was some time back; I could try a newer version, but I haven't gotten around to it.
        • I was going to try Shibby, which everyone recommended, but I had trouble finding a recent one and went with Toastman instead. I used Tomato-USB prior to that. My about screen (on my RT-N16) says I'm using Tomato Firmware v1.28.0503 MIPSR2Toastman-RT-N K26 USB VPN. So it's a special build specific to the RT-N models.

          Great stability. Make sure to do a hard reset both before and after the firmware upgrade. Hard to find the proper instructions out there. Current uptime: 105 days, 17:33:22. And that was wh

      • by GNious ( 953874 )

        I'm not sure why anyone would use the stock firmware.

        I'm going to go with, "because we want to buy a box, at a given price, and be done with it".
        Tinkering is all good and fine, but the majority of end-users just want shit that works.

        • I was referring specifically to the audience I was addressing - didn't feel like spending my time being so specific with my words. Who know that router firmware tends to be bad all around.

    • I prefer PFSense on a netgate appliance.

  • Is a text file. The average computer user will not go and dig through log files, nor they will go around on the internet reading everything about each vulnerability that is exposed everyday. Years ago I copy pasted a similar text file to computers on a neighbourhood network, letting them know those specific folders were exposed on the local network and also been given r/w permissions. I was (and somehow still am) a humble user, passionate about tech, but I can always appreciate the heads-up. Just did what I
    • by TWX ( 665546 )
      I thought that the best way was to put dozens of iterations of something in the run folder of their start menu. Like that "screen mate" program that launched iterations of rams that walked around on top of the windows and "munched" on GUI items, or Tiny Elvis, which would walk around on the taskbar and comment on how huuuge things were...
    • by Penguinisto ( 415985 ) on Tuesday February 18, 2014 @12:29AM (#46273625) Journal

      Do be careful about that...

      I did that once, years ago, on a hotel WiFi network while traveling - I found a wide-open shared directory (I was bored, so I sniffed around, and...) The folder had a lot of rather sensitive-looking stuff laying about in it, judging by the filenames. I left a small anonymous text file asking the owner to secure the laptop in the future, and wrote out step-by-step how to do it. The next morning, I was walking by the front lobby desk when I heard a hysterical woman demanding that the staff call the cops because she'd been "hacked".

      First, last, and only time I'll ever be a good samaritan. :(

      • Way open I was able to print to the office center printers from my room at one place (it was just an small area near the front desk) I only needed to print a few pages. But some could of really printed off pages and pages of stuff. Also lot's of other guests systems showing up as well.

      • I left a small anonymous text file asking the owner to secure the laptop in the future, and wrote out step-by-step how to do it.

        That wasn't very elegant way to handle that. Snooping into other people's files and telling them what to do is not cool, no matter if the objects are password-protected or not. I guess that's why the woman freaked.

        And if I were to get a little text file like that, how would I know that you didn't actually tamper something else in the process.

        I know you were just trying to help, but still...

        • And if I were to get a little text file like that, how would I know that you didn't actually tamper something else in the process.

          You cannot know whether anyone tampered with your files regardless of whether the text file was put there. That's the whole point of letting you know about the problem: anyone can do whatever they want with your files and hopefully after you see the file you will take steps to fix that.

    • by Somebody Is Using My ( 985418 ) on Tuesday February 18, 2014 @12:38AM (#46273651) Homepage

      Which works until you use this method to "advise" the wrong person, who contacts the cops and you end up arrested for computer trespassing. Too often we hear stories about people intending to do good are blamed for the message they bring.

      Unfortunately, there doesn't seem to be any "right" way to bring these problems to the attention of the user or the developer since the laws all seem to be unfairly balanced against the whistleblower. There is an automatic assumption that anyone providing the information could only have come upon the data because they were intending to do something malicious.

      Having said that, there are many the times I've been tempted to rename the SSIDs of wireless networks that still use WEP in some vain attempt to knock some sense into the user's head. Never gave into that impulse, but boy, sometimes it was quite a struggle.

      • Having said that, there are many the times I've been tempted to rename the SSIDs of wireless networks that still use WEP in some vain attempt to knock some sense into the user's head. Never gave into that impulse, but boy, sometimes it was quite a struggle.

        There are legitimate reasons for using WEP.

        I still use WEP on my home network, because I still have a few devices that simply won't reliably do anything better. I figure that this is largely ok because:
        1. Everything I do over the wireless network internally is using encrypted protocols anyway, and I wouldn't be using non-encrypted protocols for transporting sensitive data externally anyway.
        2. There are a bunch of my neighbours' completely unsecured APs visible from my house so I figure if someone is interested in cracking a wireless network, they're probably going to go for the easy option and use one of those networks rather than cracking my WEP key.

        Whilst I'm of the opinion that if an AP is left completely open, it should be legal to treat it as a public hotspot, I do still think that if you're having to crack some kind of security, however weak, in order to gain access then you need to be arrested and punished because you're clearly stepping over the line. (And yes, cracking someone's WEP key and router password in order to change their SSID counts as stepping over the line).

        • I still use WEP on my home network, because I still have a few devices that simply won't reliably do anything better. I figure that this is largely ok because:
          1. Everything I do over the wireless network internally is using encrypted protocols anyway, and I wouldn't be using non-encrypted protocols for transporting sensitive data externally anyway.
          2. There are a bunch of my neighbours' completely unsecured APs visible from my house so I figure if someone is interested in cracking a wireless network, they're probably going to go for the easy option and use one of those networks rather than cracking my WEP key.

          Cracking a WEP key takes minutes and almost zero effort if there is already traffic on the network (and a bit more if there isn't). There may be completely unsecured APs around but whether they are actually as usable as yours depends on 1) the signal quality and 2) how many others are connected to these open APs and sucking up bandwidth. You say that everything using the network is encrypted but that is only half of the problem. The other half is somebody using your network to do (very) illegal things on th

          • Cracking a WEP key takes minutes and almost zero effort if there is already traffic on the network (and a bit more if there isn't). There may be completely unsecured APs around but whether they are actually as usable as yours depends on 1) the signal quality and 2) how many others are connected to these open APs and sucking up bandwidth.

            Smashing a window and entering your home takes minutes and almost zero effort. There may be completely unsecured homes around but whether they are actually as vulnerable depends on 1) the value of anything in the home and 2) how many people are present in the open home at the time.

            My point was that placing encryption on a network, however insecure that is, demonstrates that the network is private - anyone who accesses the network has conciously broken into it in the full knowledge that they were committing

        • There are legitimate reasons for using WEP.

          Not really. There's just one: your devices don't support WPA. Otherwise, you might as well use no encryption. Given recent revelations, though, that's probably true anyway; you should use openvpn, or ipsec, or whatever else you like in order to provide encryption.

          • There are legitimate reasons for using WEP.

            Not really. There's just one: your devices don't support WPA.

            Doesn't that constitute a legitimate reason?

            Otherwise, you might as well use no encryption.

            There is a significant distinction between no encryption and weak encryption: There is absolutely no way for someone to know whether or not an open AP is a public or private network (in fact, many devices will automatically connect to an open AP on the assumption it's a public hotspot, completely removing the user from the equation). Conversely, in order to use a weakly encrypted network, you must make a concious decision to do something that you know is crimina

            • There is a significant distinction between no encryption and weak encryption: There is absolutely no way for someone to know whether or not an open AP is a public or private network

              Right, but that's a problem for someone else, not for you.

              Breaking into a network and changing the SSID to let the owner know it can be broken into is akin to chucking a brick through someone's window with a note attached telling them that it's possible to break in through their window, or climbing over their garden fence and spraypainting a note on the side of their house warning them that it's possible to climb over the fence - it's not a "good samaritan" geasture, it's wanton criminal damage.

              That is a stupid thing to say, and only a stupid person would say it. It's not damage at all. It's equivalent to picking up someone's car and facing it the other way. It's an annoyance, not damage. Now, if you did that to someone who was depending on it for work, it might cause them actual loss, but someone who is using a network for work and doesn't secure it is an asshole. That doesn't change the fact, but it does change who it's done to.

              • There is a significant distinction between no encryption and weak encryption: There is absolutely no way for someone to know whether or not an open AP is a public or private network

                Right, but that's a problem for someone else, not for you.

                No, I treat that as my problem - I have no expectation of someone not treating my network as a public hotspot if I provided no way for them to know it wasn't.

                That is a stupid thing to say, and only a stupid person would say it. It's not damage at all. It's equivalent to picking up someone's car and facing it the other way. It's an annoyance, not damage.

                If the person who owns the network isn't very technically literate then it's equivalent to damage - they suddenly won't be able to connect to their own network and will have to hire someone to undo the damage and make it work again. You are making the assumption that everyone knows how to diagnose and fix the problem you're creating which is fundament

  • I don't have to worry about this, AT ALL, because the router only worked for 2.5 hours after installation before it died. so there!

  • by Anonymous Coward

    The best part about this, IMHO, is that my router reports that there is no new firmware. I was able to download it from ASUS and it installed successfully. But had I not seen this article, I would have kept on assuming that mine was the latest and greatest because that is what the router told me.

  • by Anonymous Coward

    So I try a random IP, paste it in my URL bar (specifying an old, insecure file transfer protocol) and bam next second I'm looking at a guy's medical files (an excel sheet with daily blood sugar levels, what he ate that day, and sometimes comments) and his tax returns. Looked at a few pics too.
    Another IP doesn't work immediately, another has the server up but no shares, another has some music and I'm downloading some to try it out, hell I even curlftps'ed in for the sake of it and it works albeit slow. Aww f

    • you also probably just technically broke the law.

      Heres a tip to all voyeurs out there: dont probe random IPs specified as "vulnerable". You probably wont get noticed, but if you are you can get in a whole bunch of trouble. "Unauthorized access" means you unless you have permission.

  • by tmo72 ( 604664 ) on Tuesday February 18, 2014 @02:21AM (#46273945)

    From Merlin himself:
    http://forums.smallnetbuilder.... [smallnetbuilder.com]
    He says disable aicloud and the ftpd for now.

  • Genuine thanks. I have one of these models in my office, where there's just a couple of us. Never even thought about it, as we don't use it for anything other than establishing PPPoE on ADSL. Turns out we had those features all turned on, too. No disks attached - but still.
  • Dear IT People (Score:5, Informative)

    by ledow ( 319597 ) on Tuesday February 18, 2014 @04:17AM (#46274181) Homepage

    Dear IT People,

    Despite what you might think in the modern day, exposing things to the Internet unnecessarily is still just asking for problems. Especially things with firmware rather than regularly- and automatically-updated software.

    Yes, we all run websites. Yes, we have RDS and VPN and all kinds of clever technology. And, yes, I'm sure you "keep it up to date" and have 28-digit passwords.

    But that doesn't change the fact that the connection that comes into your business/home is "hostile". It receives rogue packets and attacks 24 hours a day whether you know it or not. In fact, it's kind of a credit to most firewalls how LITTLE you actually notice coming down the line because it's just handling all the obvious attacks and scans all the time.

    But every port you open, everything you expose past your firewall (and even your firewall can be a problem if it's not good enough to handle unusual packets like a lot of ADSL routers that crash if they get too many connections or large packets, etc.) is a risk. Honestly. It's a risk.

    If you buy some cheap piece of commodity hardware and port-forward direct to it on the standard ports, you are relying on the security of that device to keep intruders out - not your firewall.

    If it's some cheap router, or some crappy CCTV PVR or a games console or even just a test experiment or network switch or something else in your home, then you are relying on THAT to be a secure gateway from attacks from the Internet. And guess what, the weakest link in the chain will be the first exploited.

    Please, before you go exposing this crap to the general Internet, limit its damage potential. Don't put it on your local network, but a VLAN of some kind. Don't forward every port. Don't have things like UPnP enabled (which is just automated, authentication-less port-forwarding). Put some authentication on it. Don't rely on some web interface knocked up by a foreign CCTV manufacturer, intended as a GUI for the local network to be as trusted as your firewall.

    Similarly, don't let these cheap, shit ADSL routers to be exposed to the general Internet while having all your personal files on them (and presumably running Samba, Bonjour, FTP, all kinds of shit to the local network to let you access them). Just... don't.

    You want to do this kind of thing? Use the VPN functions and make sure you keep on top of their updates and security. They will allow you to join the local network remotely, and that local network can be as insecure as you like with this cheap shit dangling off it unauthenticated if you like, as your VPN access can be secured, logged, audited and checked quite easily.

    Don't allow some piece of firmware junk, probably written in some C/Perl CGI/PHP that hasn't been updated since the day it started working enough to be saleable, to be your public face and guardian on the Internet.

    The principle applies all the way up too. Don't put AD controllers on the visible Internet. Don't let your public RDS server be the same as your DC or even on the same VLAN. Don't run IIS exposed to the world for some crappy HP utility, or external page.

    Do what those weird old tech guys used to do for decades and limit your exposure at all times. Sandboxing, VLAN'ing, permissioning, auditing. And, in the extreme, run a server OUTSIDE your home for this kind of shit. Seriously, VPS and cloud server with large storage allocations are cheap as chips nowadays. And they are kept up to date for you. And if someone compromises them, you have someone to blame AND you can be sure they haven't popped onto your home network and downloaded everything off your private laptop too.

    If some random consumer buys this crap and gets attacked, that's their problem. This is a site for damn geeks, though. We should know this kind of stuff. We should be advising against this kind of stuff. I should be able to nmap any one of you, at home or at work, and come up with nothing but a handful of secured ports running the latest software (if any

    • by Bert64 ( 520050 )

      Secure your internal network too, don't rely solely on your border devices... All it takes is one pinhole and you're totally screwed.
      Treat every device as if it was directly connected to the internet, use secure protocols, disable unnecessary features and choose wisely when buying devices. If you then want to hide these devices behind a firewall *as well* then more power to you, but never rely totally on a firewall because eventually they will fail you one way or another.

      • by ledow ( 319597 )

        That's the way I do things, too, but the critical first step is to secure the borders.

        My usual home setup is actually:

        Internet router (everything disabled and DMZ enabled so it merely pipes all traffic to next device without processing it, like a modem).
        - to -
        Router / firewall (which treats all external traffic as hostile).
        - to -
        Wireless AP and LAN (separate ports / numbering / VLAN)

        But even there, the Wireless has client separation (so one dodgy PC on the wireless can't see another), it's treated as "untru

      • use secure protocols, disable unnecessary features and choose wisely when buying devices

        While absolutely correct, your strategy does not account for 99% of the users who lease Internet connections.

    • by AmiMoJo ( 196126 ) *

      Maybe we need to think of operating this kind of equipment more like driving a car. You need to learn how to do it safely, and manufacturers have a responsibility to make sure their products are safe and issue fixes/recalls if problems are discovered.

      Allow dumb routers with minimal features for those who don't want all that, and any router with more power has to be developed and operated responsibly.

  • by rs1n ( 1867908 ) on Tuesday February 18, 2014 @07:10AM (#46274517)
    As the title suggest, the firmware update on 2/12/2014 supposedly fixes the issues. http://support.asus.com/downlo... [asus.com]

    ASUS RT-N66U Firmware version 3.0.0.4.374.4422
    Security related issues:
    1. Fixed lighthttpd vulnerability.
    2. Fixed cross-site scripting vulnerability (CWE-79).
    3. Fixed the authentication bypass (CWW-592).
    4. Added notification to help avoid security risks.
    5. Fixed network place(samba) and FTP vulnerability.

    Improvement:
    1. Redesigned the parental control time setting UI.
    2. Updated multi language strings.
    3. Adjusted FW checking algorithm.
    4. Adjusted Time zone detecting algorithm.
    5. Improved web UI performance.

    • Did they fix the download master killing ping times? One of the selling points of the router for me and ended up being worthless since it drove latency to 2+ seconds whenever it was enabled.

  • Do it with a pogoplug. You can run debian (or allegedly BSD) from an SD card, it gets updated more than the various router firmwares, and you can get one with USB3 for $20 brand new.

  • by compwizrd ( 166184 ) on Tuesday February 18, 2014 @07:39AM (#46274585)

    Haven't checked into other routers, but the RT-N16 has a "warranty cap". There is a capacitor on the far right of the unit, roughly centered. It's clearly designed to fail after a period of time. The rest of the capacitors are a different brand that isn't generally known to fail, the warranty cap is known to be a defective make.

    Normally it takes a bit longer than the actual warranty length to fail.

    • Is it easy to recognize? It was still worth it to me to buy a second RT-N16, but I still have the failed one. Would love to resurrect it.

      • It'd probably take you less time to rip it open and find out than to wait for the reply, or even to find pictures in the fcc database

        • I already had it open. I never figured it out. No obvious problems in there (no bulged caps), but it behaved just like a capacitor problem.

          • The description said that it was a different-brand cap on one side of the board all alone. You could probably have found it and desoldered it by now, if it's there. Could always be another rev of the same board, in which case any answer would be useless. If you can find your ass with both hands and a map and pour piss out of a boot with instructions printed on the heel, you're qualified to figure this one out on your OR.

            • I didn't have it open today - I had it open 6 months ago.

              I misread on the brand part.

              Why is this bother you so much?

      • Very easy, yes.. there's one that stands off on its own. I had 5 of them in service, they all died within the same month.

  • Give me a break. A vulnerability was disclosed, and then some time after that it was leveraged by attackers in the wild. This is what happens.

  • I'm using Bell Fibe in Canada, and they supply a Modem / Router solution. I believe that Rogers (other major ISP) provides similar technology. So for many people they would not have their own router / firewall as first line of defense, they'd have ISP-supplied equipment.

    Is it common in Canada or the US for people to just get a WAN Modem / Driver from their ISP and then put their own router into place? Or worse, plug their laptop right into the Driver and hope that MS firewall will keep the wolves at bay?

    • by ruir ( 2709173 )
      yes, most of us have a modem router solution. I also have it too. Are you stuck with it? Not necessarily... If you are fortunate like myself, you can disable the routing/wifi functions, configure it in bridge mode, and connect to it proper hardware.
      • Unless you're cursed with a Zyxel 5001... That piece of crap completely soils itself if it loses connection (such as might happen given SW Florida's weekly power flickers) in "Transparent bridging" mode. For some reason, it seems completely incapable of reestablishing a connection until I log into the admin panel, set it back to DHCP, and let it reconnect before resetting the whole thing.

        I thought about getting a UPS for it, then I decided that if I'm going to spend more dough on it, I'd be better off getti

        • by ruir ( 2709173 )
          Good luck connecting/activating the service with a non-approved ISP equipment...It is not the same as connecting a TV or a switch in your local network.
          • Sure it is, you just have to know how to configure it. It's not that difficult.

            • by ruir ( 2709173 )
              You dont know what you are talking about sir, at all. And I am telling you that after running the Internet side of a Internet Cable company during 5 years. Custom firmwares, specific revisions of hardware, support of security protocols, authorisation/provisioning of clients/service based on MAC address, and often in ADSL routers deviations to the standard protocol...It is not the same as buying a fridge or a home wireless router at al.
              • This is a DSL provider, not cable (who do tend to make setting up the client side an utter pain), and I do know what I'm talking about. I've done it before, multiple times.

  • ClamXav on OS X reported a virus infection in one of the files in the archive: ASUSGATE/FTP-dirlist/75.183.112.181.dirlist: JAVA.Exploit.CVE_2012_1723 FOUND

    I don't know exactly what to make of that, but be careful.

  • This firmware has been available for several days but if you go into your router and have it check for an update (and you are running the one from months ago like I was) it still says you are using the current version.

    I'll NEVER buy another ASUS router again. Their routers get such good reviews. I think it's time to just start running pfsense in a VM on my linux box and just be done with it. Just use the wifi on these shitty routers for wireless lan access.

  • The way I did. Now, if you're not an experienced sysadmin, and want to use your Asus router for *anything* else, give up. I've got DD-WRT on mine, and it took months, for the simple reason that I wanted to use the router, as it advertised on the box, to serve a USB printer.

    Calling Asus about the stock firmware, when I told them my printer, they told me, "oh, it servers printers, but not that printer, you should have checked what we support...." The box does *NOT* say "only supports some printers...."

    So I we

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...