'Re: [oss-security] Curious about the security of my router fermwair.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Curious about the security of my router fermwair.
From:       Nicholas Prowse <nick5990 () yahoo ! co ! uk>
Date:       2016-12-22 11:26:31
Message-ID: 1590235068.409323.1482405991070 () mail ! yahoo ! com
[Download RAW message or body]

Jonathan,

- My suggestion is to port scan all devices eg routers you own. Then store and analyse the \
results. Only scan devices you own since scanning other peoples devices / networks may be \
illegal.

- A wide variety of tutorials and information about port scanning is available online.

- I found through port scanning some of the devices I own earlier this year, that there were \
many open and filtered ports and stated services such as telnet, upnp, and ssdp. I found out \
via research that these services / protocols have had vulnerabilities in the past that are \
publicly known. There are likely many devices with known and unknown weaknesses in circulation.

- shodan.io can tell one how many requests are being sent by specific services / protocols. \
Some results were quite surprising to me.

Q: Does anyone know if there are databases / listings / websites that have port scan results by \
device? If yes, some examples would be good.

Regards,
Nick

--------------------------------------------
On Wed, 12/21/16, tapper <lancett01@googlemail.com> wrote:

 Subject: [oss-security] Curious about the security of my router fermwair.
 To: oss-security@lists.openwall.com, oss-security@lists.openwall.com
 Date: Wednesday, December 21, 2016, 11:39 AM
 
        Hi my name is
 Jonathan. I don't know if this is the write place to ask 
 about this but here gos.
 
 I would like to know if any one would like to have a poke
 around at the 
 third party router firmware I use on my router called
 Gargoyle.
 Its a easy to use interface built on top of Openwrt.
 
 I use this firmware because it has some grate plug ins and
 the user 
 interface has grate a11y. I use a screen reader as I am
 blind and the 
 html5 interface is easy for me to get around in.
 
 It's homepage
 https://www.gargoyle-router.com/index.php
 GitHub
 https://github.com/ericpaulbishop/gargoyle
 forum
 https://www.gargoyle-router.com/phpbb/index.php
 
 The devs behind Gargoyle are really nice people and have
 helped me out 
 with bugs and made me a mod on the forum.
 What I would really like to know is just how secure is this
 firmware?
 
 I'm not a coder. I am just interested in how safe is my
 router firmware 
 keeping me?
 
 If any one finds any sacurety bugs I know they will get
 fix.
 
 Thanks and sorry about my spelling
 Jonathan             
               
 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic