OpenSourcerer Posted ... (edited)

People (who are involved in IT security in the first place) read about the open port 32764 in routers from Cisco, Linksys, Netgear and Diamond having strange backdoor access to the configuration files of those routers. Long story short, there is a service listening on this port which accepts a variety of commands such as resetting the router or printing out all kinds of information, even passwords in plain text. Connecting to the router through telnet should return the string "ScMM" or "MMcS" if the service is running (it's for SerComm).

It could be smart to check if your Cisco/Linksys/Netgear/Diamond router is listed here. Or use this python script. Or just connect to your router via telnet [your.router.ip] 32764 and see if you get one of the aforementioned strings back.

Source #1 Source #2

---- Update #1 ----
First statements of manufacturers Linksys and Netgear. Both of them allegedly are "going through all possible vulnerabilities" and will publish more information on this after they did some analyzing. Fact is that they didn't even warn the users of those routers... strange, too... Source

---- Update #2 ----
Cisco released a Security Advisory and is working on a fix. There are no workarounds so you have to wait for Cisco's update.

---- Update #3 ----
It's not over!

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page.
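As an added example (not from the post, the linked script or any vendor), here is a small Python probe that performs the check described above: connect to TCP port 32764, read what the peer sends first and look for "ScMM" or "MMcS". The `probe`/`classify_banner` names, the status tuple and the constructed local stand-in service are my own assumptions so the code runs offline.

```python
import socket
import threading

# Magic strings the post says the SerComm service answers with on port 32764;
# the byte order differs between devices, hence the two spellings.
BACKDOOR_MAGICS = (b"ScMM", b"MMcS")
BACKDOOR_PORT = 32764


def classify_banner(data: bytes):
    """Return the magic string a banner starts with, or None if it is neither."""
    for magic in BACKDOOR_MAGICS:
        if data.startswith(magic):
            return magic.decode()
    return None


def probe(host: str, port: int = BACKDOOR_PORT, timeout: float = 3.0):
    """Connect, read what the peer sends first and classify it.
    Returns ("closed", reason), ("open", None) for an unrelated service,
    or ("backdoor", magic) when one of the magic strings comes back."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                data = s.recv(64)
            except OSError:          # listener accepted but sent nothing usable
                return ("open", None)
    except OSError as e:             # refused, unreachable or timed out
        return ("closed", str(e))
    magic = classify_banner(data)
    return ("backdoor", magic) if magic else ("open", None)


def _fake_service(banner: bytes) -> int:
    """Constructed local stand-in that sends `banner` to the first client,
    so the probe can be exercised without touching a real router."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

To check your own device, call `probe("your.router.ip")` from inside the LAN; anything other than `("closed", ...)` means something is listening on that port and deserves a look.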
dwright Posted ...

Could this be the NSA backdoor described in Jacob Appelbaum's recent speech? He specifically mentioned Cisco and I think possibly some of the other brands there. If anyone hasn't seen this, you definitely need to:
OpenSourcerer Posted ...

> Could this be the NSA backdoor described in Jacob Appelbaum's recent speech?

I don't know. From the PPTX: Guess #1, Guess #2
PirateParty Posted ...

So do they access your router through your modem? Or do they have to be in the vicinity? Not really sure how that works. Time to get a different router brand

https://cryptoforums.net/ Computing, Crypto, Security & Privacy Forum
OpenSourcerer Posted ...

Cisco released a Security Advisory and is working on a fix. There are no workarounds so you have to wait for Cisco's update.
Poland1922 Posted ...

There is no security fix for these backdoors. They were found by us the people, and now they are working hard to close what we found and open another hole for us to find later to yet again... For anyone who still is trusting.. My god :/ Facebook has better privacy security features
OpenSourcerer Posted ...

> There is no security fix for these backdoors. They were found by us the people, and now they are working hard to close what we found and open another hole for us to find later to yet again...

This is somehow paranoid.
OpenSourcerer Posted ...

> There is no security fix for these backdoors. They were found by us the people, and now they are working hard to close what we found and open another hole for us to find later to yet again...

This is somehow paranoid. But you were right. It's not over! It's still there!
iwih2gk Posted ...

As a security guy I frankly expect that both my router and any commercial modem are backdoor'd. My only hope (in my mind) is to configure a VPN tunnel with Tor afterwards using a Linux OS, and then make CERTAIN only encrypted payloads are able to exit my laptops. Assuming that the payloads are sufficiently encrypted, then the router backdoor crap wouldn't really mean anything. It really bothers me that router mfg's would sell their customers' privacy out to "agencies". I am trying hard to look over the hardware on my laptops and apply safe practices. It's tough because the reality is it's impossible if something really sinister is going on. The obvious one is the selection of an OS, and I won't go there to avoid arguments because of my lack of proof. In a world where I was using a "wired" home network, I would only use pfSense and that would be on my own hardware where I signed off on the components. As it is, for me, I really hope that my fully encrypted payload scheme is prohibiting some exposure from these obvious router backdoors. I guess time will tell.
zhang888 Posted ...

Great findings. Another wake-up call for people that still wait for another reason in order to switch to open-source router firmwares, like pfSense or OpenWRT.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.
pfSense_fan Posted ...

> Great findings. Another wake-up call for people that still wait for another reason in order to switch to open-source router firmwares, like pfSense or OpenWRT.

I was just reading about the resurfacing of this exploit and recalled this post... came here to post about it. This is exactly why I switched to pfSense. I use an Asus router with Merlin firmware in access point mode only. Soon enough the pfSense guide I have made will have options to harden pfSense/OpenVPN added to it. It is being tested in PMs currently.

Have my guides helped you? Help me keep helping you, use my referral: How to set up pfSense 2.3 for AirVPN. Friends don't let friends use consumer networking equipment!
anonym Posted ...

Hi everyone, would you think a Linksys WRT54GS flashed with DD-WRT would have this backdoor? Thanks. anonym
Visentinel Posted ...

Anyone know if the Billion 7800 models have these backdoors? Had a look on Google and didn't find any results like Linksys shows results. Also DD-WRT doesn't support any Billions. One interesting point to consider: if you run your modem in bridge mode and have pfSense connect itself on PPPoE, I don't see how the backdoor could be reached.
Stack of computer parts Posted ...

Would configuring your firewall like is suggested by the AirVPN team prevent them from obtaining any information about what's passing through the router?