[mythtv-users] Router problem (thought it was solved, but..)

Larry Finger Larry.Finger at lwfinger.net
Thu Apr 2 20:01:05 UTC 2009


Brian Wood wrote:
> On Thursday 02 April 2009 12:38:00 Larry Finger wrote:
>> James Crow wrote:
>>> You read correctly. dd-wrt is susceptible. I think the default settings
>>> of dd-wrt are set so that the attack will fail from the Internet side,
>>> but it is easy to set dd-wrt in a way that can be exploited.
>> You can also disable ssh logins to the standard firmware. That protects
>> against the exploit.
> 
> I didn't know the standard firmware included an ssh server, mine certainly 
> doesn't seem to. That would be very unusual for a consumer appliance.
> 
> Do you mean disable ssh into dd-wrt? That would make more sense.

Actually, you disable remote management in the standard firmware. If enabled, it
is done via https. The standard firmware does not have an sshd implementation.


More information about the mythtv-users mailing list