Recent content by Mike808
-
M
RT-AC68U External Drive Format?
No exFAT support due to Microsoft licensing burden. Asus firmware options on the AC-68R are FAT32, NTFS, or HFS. You can manually SSH into the router and format the mounted drive using ext2. If you want to mount it on a Windows machine, you'll have to get an ext2 driver for Windows.- Mike808
- Post #4
- Forum: ASUS AC Routers & Adapters (Wi-Fi 5)
-
M
Best file system to use for USB HDDs on Asus Routers
Reference for ASUS filesystem support on USB drives: http://event.asus.com/2009/networks/disksupport/ And yes, no exFAT support due to Microsoft licensing burden. Asus firmware options on the AC-68R are FAT32, NTFS, or HFS.- Mike808
- Post #25
- Forum: Asuswrt-Merlin
-
M
Support file system exFAT?
Reference for ASUS filesystem support on USB drives: http://event.asus.com/2009/networks/disksupport/ And yes, no exFAT support due to Microsoft licensing burden. Asus firmware options on the AC-68R are FAT32, NTFS, or HFS.- Mike808
- Post #5
- Forum: Asuswrt-Merlin
-
M
Is this right? Official AsusWRT Samba uses SMBv1 only?
@bbunge might have something. Can it be packaged and downloaded like the other 'apps', and installed to the flash drive that is shared? If you need it, you clearly have a flash drive you want to share, so why not use the required USB flash drive itself to be shared as the storage for the...- Mike808
- Post #20
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
Extending @bughit's idea, openssl can generate a keypair, the CSR, receive the cert and CA chain into a PKCS#12 container file, password-protected using a generated password (like Plex's hashing a unique ID for enrolled servers under your account). To start the secure admin web GUI (https...- Mike808
- Post #26
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
The challenge is to eliminate all of that complexity entirely. That's why using a pre-trusted CA is critical. There is no reason users "need" to "run HER own CA", vet certificates, and then "SHE'd only need to import HER own CAs ... in ALL OF HER BROWSERS". All of them. That means the ones...- Mike808
- Post #25
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
The problem with self-signed certs is that most people don't use ssh. They see the internet from a browser. And browsers are doing everything they can to NOT allow users to trust self-signed certs. You can't tell the 'good' self signed certs from the 'bad' ones. And you can't expect web surfing...- Mike808
- Post #22
- Forum: ASUSWRT - Official
-
M
Is this right? Official AsusWRT Samba uses SMBv1 only?
Well that sucks. Any chance samba support can be dropped from the 'low end' models in a modular way? At some point you just can't turn a pig's ear into a silk purse. Are those low end owners expecting high-end file sharing? EOL can apply to routers too. Can't blame Samba team entirely. MS isn't...- Mike808
- Post #14
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
Straight from the thread title and the OP: (RT-AC68U) regenerates its SSL certificate on every boot This is both annoying and insecure. Firefox remembers accepted self-signed certs per site and re-prompts when the cert changes. The reason it does that is that a unexpected change of a...- Mike808
- Post #19
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
I did figure out how to extract the private key and certificate from my Plex. The password to the P12 file is the SHA512 hash of "plex" and your ProcessedMachineIdentifier (hex encoded). So now I have the key and the cert and can manually replace the router-generated one. The certificate is...- Mike808
- Post #17
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
The threat isn't a device taking over and pretending to be your router, it's compromised devices on your local home network doing bad things - to your router - without you knowing anything about it. You suggest I should take any compromised smart TV off my network ... as soon as I know it is...- Mike808
- Post #16
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
A self-signed certificate is the problem. It has no security value. You are logging into an anonymous device. Think about that. That's why browsers don't trust them. They also don't make it easy to override their predefined trusted CAs. It's not about encryption. It's about authenticating the...- Mike808
- Post #14
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
You must not have a home network with smart TVs that can sniff your home network and then compromise your router and turn your entire home network into a bot that mines crypto currency and DDoS on-demand. It's not just encryption. It's authenticating your device and protecting your router's...- Mike808
- Post #12
- Forum: ASUSWRT - Official
-
M
382.18547 (RT-AC68U) regenerates its SSL certificate on every boot
There are several problems with the self-signed cert being used to "secure" the admin gui with HTTPS. 1. It's a version 1 certificate - no extensions, means the cert can be used for *anything*. Solution: Should be a proper V3 cert, end-entity, limited to TLS/SSL Server purposes. 2. It's...- Mike808
- Post #10
- Forum: ASUSWRT - Official
-
M
Ransomware on SmartTV's now - TrendMicro Report
If only there were a way to isolate devices on our networks with some sort of iptables "jail". There is no reason my TV should be talking to any other site than the manufacturer, and I should have an easy way in my fancy-schmancy router to click a button and "jail" any device on my network and...- Mike808
- Post #10
- Forum: General Network Security