Menu
What's new
By:
Filters Better Search

Recent content by hfm

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. H

    RT-N66u No "guest network" setup

    That's interesting, I updated to the latest firmware as well not long ago and didn't notice this problem. I usually go through all the settings all over again every time I update to make sure nothing was changed that would be a security issue. I just re-logged in to check the guest network...
  2. H

    ASUS RT-N66U Firmware version 3.0.0.4.382.51636

    I thought we might not see another one, was considering putting it out to pasture.
  3. H

    ASUS RT-N66U Firmware version 3.0.0.4.382.50702

    lol.. very descriptive release notes...
  4. H

    ASUS RT-N66U Firmware version 3.0.0.4.382.50470

    Not sure, but it fixes three security issues so it's probably best to flash it and factory reset afterward.
  5. H

    ASUS RT-N66U Firmware version 3.0.0.4.382.50470

    It's a good practice to dump your browser cache when you update the firmware. I've had problems where the UI just didn't plain work at all until I dumped cache.
  6. H

    ASUS RT-N66U Firmware version 3.0.0.4.382.50470

    The three CVE's have not yet been disclosed in the MITRE db as of yet.. https://www.asus.com/us/Networking/RTN66U/HelpDesk_Download/
  7. H

    Asus Router app and "unintentional" activation of remote access to router

    Horrible answer. I got hit by this plus the unauthenticated remote config exploit when the Android app did this without me realizing it. Thankfully I could find no trace of anything bad happening besides a PPTP VPN tunnel configured. None of my other devices audited/logged any intrusions or...
  8. H

    Asus Router app and "unintentional" activation of remote access to router

    I got hit by this on my RT-N66U. Didn't realize the app did that. It seems the recent CVE that allowed unauthenticated commands to be sent to an exposed web interface was also taken advantage of. Looked like a PPTP VPN account was set up, but thankfully never used. I trawled through all my logs...
  9. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    I started thinking about this again. I did a grep on pptp in the logs to see the first logged (I have logs going back 2 years on the system) pptp event.. This is what I came up with I only have a couple explanations of what the odd pptp log events could be. Port scanners? Does it not create a...
  10. H

    Best Router for Apartment (fighting with other Wifi), plus specific needs below

    Where did you hear ? I had my eye on the 2600AC since I have a DS211+ with two 2TB drives in RAID1 that I've had for 7 years and It's still cranking like a trooper. Would be sad to hear they are giving up so quickly.
  11. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    Wouldn't I see successful PPTP VPN connections in the log if it had ever been used? Yes I just set up a secondary one and I see in the logs where I connected to it. Guessing it was never used. Man Asus needs to log more stuff in their logs. Successful posts to the UI would be a really nice...
  12. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    Well I just uninstalled and reinstalled the Asus App.. and the "previous" router configuration that is available in the app (it seems it cached this and kept it even through uninstalling/reinstalling the app) and that config DOES have "remote connection" and DDNS enabled. I probably just didn't...
  13. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    Checking out this thread (thanks @OzarkEdge) for the mention. https://www.snbforums.com/threads/asus-router-app-security-warning.42819/ I just tried this app again and I do not see it enabling WAN acccess, however. Would it be possible that this app was the "client" that enabled PPTP VPN...
  14. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    WELP.. I just found this, which was fixed in the latest firmware https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s...
  15. H

    ASUS RT-N66U Firmware version 3.0.0.4.380.8228

    UGH! I have no idea how this happened but I found these in the log, starting on Feb 26... I NEVER NEVER NEVER open the web interface to the WAN, so I have no idea how this setting could have reverted miraculously. Unnerving. It doesn't look like it will log an IP for a successful interface...
See more
Top