crypto on *really* cheap hardware
I presume most people have by now read Cringely's piece on hacked Linux for Linksys WRT54G (and clones): http://www.pbs.org/cringely/pulpit/pulpit20040527.html http://www.pbs.org/cringely/pulpit/pulpit20040603.html That thing is $70-80, and comes as a 200 MHz MIPS box with 32 MByte RAM, and some 4-8 MByte flash. Stock antennas are crappy, but radios are very good, so long-range suitable with appropriate antennas. Current sveasoft firmware http://www.sveasoft.com/modules/phpBB2/index.php (it's open source, though bleeding edge firmware only available for $20/year subscription). You can build the image yourself on a Linux box with the right build environment (I haven't due to lack of time). It does VoIP, prioritizes traffic, has currently VPN pass-through and will do IPsec on future mesh-supporting firmware. I'm sure resident people can see plenty of intersting uses, and useful hacking projects. -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature]
I presume most people have by now read Cringely's piece on hacked Linux for Linksys WRT54G (and clones):
[...]
It does VoIP, prioritizes traffic, has currently VPN pass-through and will do IPsec on future mesh-supporting firmware.
You forgot to mention "sometimes it'll stay up for as long as several hours before crashing/locking up". I guess this is a security feature, if someone breaks in they'll only be able to use it for a short time before it locks up or crashes. Peter (who doesn't own one, but has heard horror stories from owners).
On Thu, Jun 17, 2004 at 01:19:30AM +1200, Peter Gutmann wrote:
You forgot to mention "sometimes it'll stay up for as long as several hours before crashing/locking up". I guess this is a security feature, if someone breaks in they'll only be able to use it for a short time before it locks up or crashes.
Peter (who doesn't own one, but has heard horror stories from owners).
Yes, the stock Cisco/Linksys firmware is plain horrible (especially stability on high P2P load), and has a nasty remote admin security hole (prime candidate for a firmware worm, given that the hole is trivial to exploit, Linux firmware build environments are aplenty, megaunits have been sold, and most users aren't security-literate). The first thing to do before even putting it on the network is to reflash it, with Sveasoft's firmware, or one of the 2-3 alternatives. -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature]
participants (2)
-
Eugen Leitl -
pgut001@cs.auckland.ac.nz