The NPR story is mostly regurgitated press release from scare mongers. The network infrastructure it looks like they are talking about is in the core of the internet, big cisco and juniper routers and the like. If anything, the NSA noticed because their surveillance tools are already embedded in those same routers, doing all the things they accuse others of doing. Most of the concern about home routers is about botnets, exploiting them for distributed denial of service attacks in particular. Good passwords, limiting inbound access are sensible steps. The threat from local attackers is much smaller, because it requires physical presence and doesn't scale nearly as well (too slow and uses too much gasoline).
On Tue, Apr 24, 2018 at 2:27 PM, Russell Senior <russ...@personaltelco.net> wrote: > Attitude Adjustment is pretty old. OpenWrt has a pretty good firewall by > default, so remote access should be difficult. You should take note of > which packages you have installed, backup your settings, and then you could > try installing this, the most recent release version: > > http://downloads.openwrt.org/releases/17.01.4/targets/ > ar71xx/generic/lede-17.01.4-ar71xx-generic-wzr-600dhp- > squashfs-sysupgrade.bin > > Development is currently converging on a new release (hopefully in the > next month or so, but I'd wait on that). > > On Tue, Apr 24, 2018 at 2:12 PM, Dick Steffens <d...@dicksteffens.com> > wrote: > >> OPB has an article about router vulnerability. >> >> https://www.opb.org/news/article/npr-sounding-the-alarm-abou >> t-a-new-russian-cyber-threat/ >> >> It recommends following your router manufacturer's guidance on making >> sure the router is secure. It doesn't say specifically what to search for. >> I have a Buffalo WZR-600DHP running OpenWrt LuCI, Attitude Adjustment >> 12.09. What foo should I use to determine what version of firmware I should >> be running to be reasonably secure? >> >> -- >> Regards, >> >> Dick Steffens >> >> _______________________________________________ >> PLUG mailing list >> PLUG@pdxlinux.org >> http://lists.pdxlinux.org/mailman/listinfo/plug >> > > _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
