Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 22 Dec 2016 11:26:31 +0000 (UTC)
From: Nicholas Prowse <nick5990@...oo.co.uk>
To:  <oss-security@...ts.openwall.com>
Subject: Re: Curious about the security of my router
 fermwair.

Jonathan,

- My suggestion is to port scan all devices eg routers you own. Then store and analyse the results. Only scan devices you own since scanning other peoples devices / networks may be illegal.

- A wide variety of tutorials and information about port scanning is available online.

- I found through port scanning some of the devices I own earlier this year, that there were many open and filtered ports and stated services such as telnet, upnp, and ssdp. I found out via research that these services / protocols have had vulnerabilities in the past that are publicly known. There are likely many devices with known and unknown weaknesses in circulation.

- shodan.io can tell one how many requests are being sent by specific services / protocols. Some results were quite surprising to me.

Q: Does anyone know if there are databases / listings / websites that have port scan results by device? If yes, some examples would be good.

Regards,
Nick

--------------------------------------------
On Wed, 12/21/16, tapper <lancett01@...glemail.com> wrote:

 Subject: [oss-security] Curious about the security of my router fermwair.
 To: oss-security@...ts.openwall.com, oss-security@...ts.openwall.com
 Date: Wednesday, December 21, 2016, 11:39 AM
 
     Hi my name is
 Jonathan. I don't know if this is the write place to ask 
 about this but here gos.
 
 I would like to know if any one would like to have a poke
 around at the 
 third party router firmware I use on my router called
 Gargoyle.
 Its a easy to use interface built on top of Openwrt.
 
 I use this firmware because it has some grate plug ins and
 the user 
 interface has grate a11y. I use a screen reader as I am
 blind and the 
 html5 interface is easy for me to get around in.
 
 It's homepage
 https://www.gargoyle-router.com/index.php
 GitHub
 https://github.com/ericpaulbishop/gargoyle
 forum
 https://www.gargoyle-router.com/phpbb/index.php
 
 The devs behind Gargoyle are really nice people and have
 helped me out 
 with bugs and made me a mod on the forum.
 What I would really like to know is just how secure is this
 firmware?
 
 I'm not a coder. I am just interested in how safe is my
 router firmware 
 keeping me?
 
 If any one finds any sacurety bugs I know they will get
 fix.
 
 Thanks and sorry about my spelling
 Jonathan       
         
 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ