Recent content by panhead20

Attempting to block internet access on guest networks results in the message "192.168.101.153 is not a valid IP address!" Non-guest network is 192.168.1.X. Also attempting to change the icon also results in the same error message.

Reconfigured printer to correct error

https://news.sophos.com/en-us/2018/05/27/vpnfilter-botnet-a-sophoslabs-analysis-part-2/ Recommendations Regardless of whether you think your device has been hacked, power cycle the device, flash the latest firmware over the top of whatever’s on there, and perform a factory reset on the firmware...

The first stage implant sets up a cron job. You could check /var/spool/cron/crontabs for suspicious jobs. Not sure if after the 2nd and 3rd stage are installed, the cron job is deleted. Could check the modification date of the crontabs directory.

VPNFilter router malware is a lot worse than everyone thought Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE: these are the vendors newly named by Cisco's Talos Intelligence whose products are being exploited by the VPNFilter malware...

On the IPv6 setting disable Enable Router Advertisement

Check your LAN - DHCP setting; Advertise router's IP in addition to user-specified DNS Set this to No to stop your clients using the router's DNS.

That explains it. Thank you. Just when you think you understand how this router works, you realize you don't :)

Is the samba daemon supposed to be started and running when it is configured off through the gui? There are no shares showing. AC66R

Asus has release new firmware with several security fixes, - Fixed CVE-2015-6949 buffer overflow issue, special thanks for Elvis Collado at Praetorian. - Fixed Web server Accept-Language buffer overflow, special thanks for Elvis Collado at DVLabs. - Fixed Web server URL handler buffer overflow...

Is Asus vulnerable? https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt

Could you please explain your earlier comment then,

Is ASUS and or Merlin Firmware vulnerable? http://arstechnica.com/security/2014/12/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/

ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers...

Please upgrade any module or software that increases stability or security. Routers are not performance file/print servers nor a NAS. If users are looking for performance file server, using a router is not a wise choice.