Recent content by hfm

That's interesting, I updated to the latest firmware as well not long ago and didn't notice this problem. I usually go through all the settings all over again every time I update to make sure nothing was changed that would be a security issue. I just re-logged in to check the guest network...

I thought we might not see another one, was considering putting it out to pasture.

lol.. very descriptive release notes...

Not sure, but it fixes three security issues so it's probably best to flash it and factory reset afterward.

It's a good practice to dump your browser cache when you update the firmware. I've had problems where the UI just didn't plain work at all until I dumped cache.

The three CVE's have not yet been disclosed in the MITRE db as of yet.. https://www.asus.com/us/Networking/RTN66U/HelpDesk_Download/

Horrible answer. I got hit by this plus the unauthenticated remote config exploit when the Android app did this without me realizing it. Thankfully I could find no trace of anything bad happening besides a PPTP VPN tunnel configured. None of my other devices audited/logged any intrusions or...

I got hit by this on my RT-N66U. Didn't realize the app did that. It seems the recent CVE that allowed unauthenticated commands to be sent to an exposed web interface was also taken advantage of. Looked like a PPTP VPN account was set up, but thankfully never used. I trawled through all my logs...

I started thinking about this again. I did a grep on pptp in the logs to see the first logged (I have logs going back 2 years on the system) pptp event.. This is what I came up with I only have a couple explanations of what the odd pptp log events could be. Port scanners? Does it not create a...

Where did you hear ? I had my eye on the 2600AC since I have a DS211+ with two 2TB drives in RAID1 that I've had for 7 years and It's still cranking like a trooper. Would be sad to hear they are giving up so quickly.

Wouldn't I see successful PPTP VPN connections in the log if it had ever been used? Yes I just set up a secondary one and I see in the logs where I connected to it. Guessing it was never used. Man Asus needs to log more stuff in their logs. Successful posts to the UI would be a really nice...

Well I just uninstalled and reinstalled the Asus App.. and the "previous" router configuration that is available in the app (it seems it cached this and kept it even through uninstalling/reinstalling the app) and that config DOES have "remote connection" and DDNS enabled. I probably just didn't...

Checking out this thread (thanks @OzarkEdge) for the mention. https://www.snbforums.com/threads/asus-router-app-security-warning.42819/ I just tried this app again and I do not see it enabling WAN acccess, however. Would it be possible that this app was the "client" that enabled PPTP VPN...

WELP.. I just found this, which was fixed in the latest firmware https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s...

UGH! I have no idea how this happened but I found these in the log, starting on Feb 26... I NEVER NEVER NEVER open the web interface to the WAN, so I have no idea how this setting could have reverted miraculously. Unnerving. It doesn't look like it will log an IP for a successful interface...