-
January 25th, 2005, 07:32 PM
#1
New linksys router/gateway exploit
Can anyone verify that the Linksys befvp41 and wrt54g have a new issue with their firmware, I can't seem to find any info on them.
It creates a DoS, the router starts sending out buttloads of packets.
Upgrading to the most recent firmware is advised.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 25th, 2005, 07:45 PM
#2
Which firmware issue? I know that my Linksys WRT54G Ver 1.1, which has the 3.01.3, doesn't have too many issues (occassional IGMP request). Looking at the version info for firmware I don't see anything that might cause this.
-
January 25th, 2005, 07:53 PM
#3
Anyone running 2.7 or below. 3.01.3 is the most current, so obviously you are okay. Sorry I should have stipulated the older version number.
The reason I'm bringing this up is an ISP out here has quite a few users running the older firmware and they are pounding their network.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 25th, 2005, 08:14 PM
#4
Firmware Version: v1.42.2
Linksys WRT54G
Sitting right next to me... hmm, wonder if there's something I should do?
-
January 25th, 2005, 08:27 PM
#5
It's also affecting the WRK54G. Just found one spitting a bunch of garbage. And there is no firmware update for it, march of last year is the most current. I've notified Linksys but I'm not holding my breath since they are owned by Cisco.
And ;TT I'd definitely do something. Upgrade the firmware to the most current or use a cutsom built firmware by sveasoft www.sveasoft.com or wifi-box.net. And I'd advise against using the web update function, it can be flaky.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 25th, 2005, 08:38 PM
#6
Hmmm, can you post a PoC of your theory? None of the usual exploit sites have anything regarding these Linksys routers.. and you explain more clearly what it's spewing out and what ports and what exactly is happening?
-
January 25th, 2005, 08:55 PM
#7
I'm not personally experiencing it, so, no, I can't. I'm just relaying what another ISP is stating and I'm not going to ask him to stop going from customer to customer and do a sniff to see exactly what is going on because someone on a BB asked to see proof. I also trust the fact that he isn't making it up. And if you took the time to read my posts I'm also asking for some corroboration about this because I haven't seen any posts on any of the "usual exploit sites" either. Has anyone else seen it???????
Besides that you should always have the latest stable rev of firmware running on any of your devices for obvious reasons. But I guess that's just my opinion.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 25th, 2005, 09:26 PM
#8
Hmm, seems you've taken this the wrong way. I was interested in knowing exactly what was happening, not doubting you.. I'll upgrade the router tonight or tomorrow but I'm pretty interested in what kind of packets are being sent and what causes it so once you make something up, err, I mean find something, please do post. ;-)
-
January 25th, 2005, 10:49 PM
#9
Kind of off-topic but relevant...
Has anyone tried the sveasoft firmware. My impression is that it's a lot like the hacks on the other linksys boxes that allow you to put a linux/snort install directly on the router. This thing had a big fat warning on it though that basically stated that the "upgrade" could be unstable at install and may leave the router irretrievable.... IOW, a very expensive door stop...
I have a WRT54G which it claims to enhance at work and the thought of some of the enhancements is tempting... I'm just wondering if anyone can justify the $20 for me....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
January 25th, 2005, 10:58 PM
#10
I haven't tried it yet but I'm going to. I also heard that just the performance increase is worth the money.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|