User: Password:
Subscribe / Log in / New account

Default "secrets" on DD-WRT etc

Default "secrets" on DD-WRT etc

Posted Jan 7, 2011 9:54 UTC (Fri) by dsommers (subscriber, #55274)
In reply to: Default "secrets" on DD-WRT etc by rfunk
Parent article: Default "secrets"

I personally removed DD-WRT a few years ago when I discovered that there were hard coded ACCEPT rules from specific IP addresses. The forum discussion with the upstream developer did not build up any confidence in my eyes.

The argumentation which was used was that "these IP addresses are not valid any more and we will remove these iptables rules in the next release". That was without an ETA of the next release and it was nobody who saw any need of informing its users about this. Despite that a couple of simple 'nvram' commands was all which would be needed as a workaround.

So that the DD-WRT community does not see littleblackbox as a problem for their firmware, that does not surprise me at all. For me this is yet another reason why to stay away from DD-WRT.

I switched to X-WRT and later on to OpenWRT, and I find these two as much more open and secure router distributions. And it is quite easy to build the OpenWRT firmware yourself.

(Log in to post comments)

Default "secrets" on DD-WRT etc

Posted Jan 17, 2011 11:42 UTC (Mon) by eduperez (guest, #11232) [Link]

Probably not-so-related, but OpenWrt generates a new private key for SSH connections upon every firmware installation: I have reinstalled the same OpenWrt firmware on my router several times, and after each installation the SSH client detects a new key.

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds