crypto on *really* cheap hardware

Eugen Leitl eugen at leitl.org
Wed Jun 16 06:29:02 PDT 2004


On Thu, Jun 17, 2004 at 01:19:30AM +1200, Peter Gutmann wrote:

> You forgot to mention "sometimes it'll stay up for as long as several hours
> before crashing/locking up".  I guess this is a security feature, if
someone
> breaks in they'll only be able to use it for a short time before it locks
up
> or crashes.
>
> Peter (who doesn't own one, but has heard horror stories from owners).

Yes, the stock Cisco/Linksys firmware is plain horrible (especially
stability on high P2P load), and has a nasty remote admin security hole
(prime candidate for a firmware worm, given that the hole is trivial to
exploit, Linux firmware build environments are aplenty, megaunits have been
sold,
and most users aren't security-literate).

The first thing to do before even putting it on the network is
to reflash it, with Sveasoft's firmware, or one of
the 2-3 alternatives.

--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net

[demime 1.01d removed an attachment of type application/pgp-signature]





More information about the cypherpunks-legacy mailing list