https://www.us-cert.gov/ncas/alerts/TA18-106A
There is some discussion of SOHO routers but none of the vulnerabilities mentioned apply to you. They mention: Telnet (typically Transmission Control Protocol (TCP) port 23, but traffic can be directed to a wide range of TCP ports such as 80, 8080, etc.), Hypertext Transport Protocol (HTTP, port 80), Simple Network Management Protocol (SNMP, ports 161/162), and Cisco Smart Install (SMI port 4786). None of those are accessible remotely on a stock OpenWrt firmware. On Tue, Apr 24, 2018 at 2:38 PM, Russell Senior <russ...@personaltelco.net> wrote: > The NPR story is mostly regurgitated press release from scare mongers. > The network infrastructure it looks like they are talking about is in the > core of the internet, big cisco and juniper routers and the like. If > anything, the NSA noticed because their surveillance tools are already > embedded in those same routers, doing all the things they accuse others of > doing. Most of the concern about home routers is about botnets, exploiting > them for distributed denial of service attacks in particular. Good > passwords, limiting inbound access are sensible steps. The threat from > local attackers is much smaller, because it requires physical presence and > doesn't scale nearly as well (too slow and uses too much gasoline). > > On Tue, Apr 24, 2018 at 2:27 PM, Russell Senior <russ...@personaltelco.net > > wrote: > >> Attitude Adjustment is pretty old. OpenWrt has a pretty good firewall by >> default, so remote access should be difficult. You should take note of >> which packages you have installed, backup your settings, and then you could >> try installing this, the most recent release version: >> >> http://downloads.openwrt.org/releases/17.01.4/targets/ar71xx >> /generic/lede-17.01.4-ar71xx-generic-wzr-600dhp-squashfs-sysupgrade.bin >> >> Development is currently converging on a new release (hopefully in the >> next month or so, but I'd wait on that). >> >> On Tue, Apr 24, 2018 at 2:12 PM, Dick Steffens <d...@dicksteffens.com> >> wrote: >> >>> OPB has an article about router vulnerability. >>> >>> https://www.opb.org/news/article/npr-sounding-the-alarm-abou >>> t-a-new-russian-cyber-threat/ >>> >>> It recommends following your router manufacturer's guidance on making >>> sure the router is secure. It doesn't say specifically what to search for. >>> I have a Buffalo WZR-600DHP running OpenWrt LuCI, Attitude Adjustment >>> 12.09. What foo should I use to determine what version of firmware I should >>> be running to be reasonably secure? >>> >>> -- >>> Regards, >>> >>> Dick Steffens >>> >>> _______________________________________________ >>> PLUG mailing list >>> PLUG@pdxlinux.org >>> http://lists.pdxlinux.org/mailman/listinfo/plug >>> >> >> > _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug