Date: Thu, 22 Dec 2016 11:26:31 +0000 (UTC) From: Nicholas Prowse <nick5990@...oo.co.uk> To: <oss-security@...ts.openwall.com> Subject: Re: Curious about the security of my router fermwair. Jonathan, - My suggestion is to port scan all devices eg routers you own. Then store and analyse the results. Only scan devices you own since scanning other peoples devices / networks may be illegal. - A wide variety of tutorials and information about port scanning is available online. - I found through port scanning some of the devices I own earlier this year, that there were many open and filtered ports and stated services such as telnet, upnp, and ssdp. I found out via research that these services / protocols have had vulnerabilities in the past that are publicly known. There are likely many devices with known and unknown weaknesses in circulation. - shodan.io can tell one how many requests are being sent by specific services / protocols. Some results were quite surprising to me. Q: Does anyone know if there are databases / listings / websites that have port scan results by device? If yes, some examples would be good. Regards, Nick -------------------------------------------- On Wed, 12/21/16, tapper <lancett01@...glemail.com> wrote: Subject: [oss-security] Curious about the security of my router fermwair. To: oss-security@...ts.openwall.com, oss-security@...ts.openwall.com Date: Wednesday, December 21, 2016, 11:39 AM Hi my name is Jonathan. I don't know if this is the write place to ask about this but here gos. I would like to know if any one would like to have a poke around at the third party router firmware I use on my router called Gargoyle. Its a easy to use interface built on top of Openwrt. I use this firmware because it has some grate plug ins and the user interface has grate a11y. I use a screen reader as I am blind and the html5 interface is easy for me to get around in. It's homepage https://www.gargoyle-router.com/index.php GitHub https://github.com/ericpaulbishop/gargoyle forum https://www.gargoyle-router.com/phpbb/index.php The devs behind Gargoyle are really nice people and have helped me out with bugs and made me a mod on the forum. What I would really like to know is just how secure is this firmware? I'm not a coder. I am just interested in how safe is my router firmware keeping me? If any one finds any sacurety bugs I know they will get fix. Thanks and sorry about my spelling Jonathan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ