On Apr 24, 2018, at 4:26 PM, Rich Shepard <rshep...@appl-ecosys.com> wrote:
> 
> On Tue, 24 Apr 2018, Dick Steffens wrote:
> 
>> OPB has an article about router vulnerability.
>> https://www.opb.org/news/article/npr-sounding-the-alarm-about-a-new-russian-cyber-threat/
>> 
>> It recommends following your router manufacturer's guidance on making sure
>> the router is secure. It doesn't say specifically what to search for. I
>> have a Buffalo WZR-600DHP running OpenWrt LuCI, Attitude Adjustment 12.09.
>> What foo should I use to determine what version of firmware I should be
>> running to be reasonably secure?
> 
> Dick,
> 
>  Brian Krebs had a blog post on this a while ago. The key thing to do --
> unless I'm badly mistaken -- is to change the admin's password from the
> factory default. If your LAN is on a different class C subnet, change the
> router's IP address from the standard 192.168.1.1 to an address on your
> subnet.
> 
>  And, while risking the wrath of Russell, limit access to the MAC addresses
> of your local hosts that will access it via radio.
> 
I'd also run by https://www.grc.com/x/ne.dll?bh0bkyd2 
<https://www.grc.com/x/ne.dll?bh0bkyd2> and make sure it doesn't find anything.

Also, as somebody else suggested, keep your firmware updated. What ever is the 
most recent "stable" train is what you want. I'd suggest making it a quarterly 
check to ensure things stay up to date.

--
Louis Kowolowski                                lou...@cryptomonkeys.org 
<mailto:lou...@cryptomonkeys.org>
Cryptomonkeys:                                   http://www.cryptomonkeys.com/ 
<http://www.cryptomonkeys.com/>

Making life more interesting for people since 1977

_______________________________________________
PLUG mailing list
PLUG@pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Reply via email to