Recent content by Phantomski

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.
  1. Phantomski

    CVE-2021-20090 Vulnerability

    Absolutely. That said, you can still execute an attack from vulnerable internal LAN device, via compromised WiFi, etc, etc. LAN only is neither a replacement nor mitigation for poor internal security, just creates smaller attack surface. But as the saying goes, you have to succeed all the...
  2. Phantomski

    CVE-2021-20090 Vulnerability

    Great news, thanks guys. The four mentioned ASUS routers (albeit DSL versions) worried me a little, but good to know there are no hidden Arcadyan bits hidden in Asuswrt code.
  3. Phantomski

    CVE-2021-20090 Vulnerability

    Would this CVE also affect Merlin’s firmware, or is this just part of the original Asus code, not embedded in the custom version? https://www.tenable.com/cve/CVE-2021-20090 https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/
  4. Phantomski

    replacement to RT-AC88U

    I have the same router (RT-AC88U). The ports 5-8 are so temperamental, that for my own sanity I've stopped using them altogether long time ago. In fact for the functionality a good L3 switch provides, I personally think it's better to use just one and then a downstream switch. I know you're...
  5. Phantomski

    replacement to RT-AC88U

    A question - how did the extra 4 ethernet ports on AC88U worked out for you? ;)
  6. Phantomski

    amtm amtm 3.2.0 Entware fails to update - opkg wget certificate error

    Thanks everyone. Sorted for now, 386 next.
  7. Phantomski

    amtm amtm 3.2.0 Entware fails to update - opkg wget certificate error

    which openssl returned correct /usr/sbin/openssl. /usr/sbin/openssl version still returned OpenSSL 1.0.2u 20 Dec 2019 For some reason it didn't get updated with the fw. For the moment, the updated cert store cured the issue, but of course 386 is the way. Soon! ;)
  8. Phantomski

    amtm amtm 3.2.0 Entware fails to update - opkg wget certificate error

    It's a bit old, I know. It's in the pipeline, but with setting up everything from scratch, I didn't have an opportunity yet. opkg install ca-certificates from http repo cured it. Thanks.
  9. Phantomski

    amtm amtm 3.2.0 Entware fails to update - opkg wget certificate error

    After update to amtm 3.2.0 on FW-384.18 (RT-AC88U), I can't update entware packages (armv7sf-k2.6). Downloading https://bin.entware.net/armv7sf-k2.6/Packages.gz *** Failed to download the package list from https://bin.entware.net/armv7sf-k2.6/Packages.gz Collected errors: * opkg_download...
  10. Phantomski

    Photo of the wizard's lab, 2021 edition

    If I can suggest - if you need more than 4 LAN ports (or even more than one for that matter), you’d save yourself a lot of hassle and gain a lot of flexibility, capability and additional security by a separate switch. Even with a relatively cheap managed Netgear, you get VLANs, Link Aggregation...
  11. Phantomski

    Completely tired to customize settings AX88U

    I probably wasn't clear about "what". Would you happen to know what was the vector to get in? What was the "backdoor" in your case? There are ways to get in, but with decent security settings, it's pretty robust.
  12. Phantomski

    SNMP - AX88u

    Do I sense one of our scripting gurus contemplating a solution? If yes, it's a massive thumbs up from me ;)
  13. Phantomski

    SNMP - AX88u

    With the loads and rPi as a local server kinda stuff... I'm a big fan of Docker. You can setup your rPi core OS with pretty light Linux server without GUI and any of the usual bloatware (I like Ubuntu Server, which might not be the best example, but with 20.04 LTS it's rPi-ready) and then run...
  14. Phantomski

    SNMP - AX88u

    I can only second that recommendation. I'm using the Argon ONE V2 at the moment, it's a great, well thought out and built case and I'm really happy with it. You can manually set the trigger temperatures for various fan speeds and the whole enclosure works as a passive cooler. With my current...
  15. Phantomski

    SNMP - AX88u

    Some good tips there, thanks a lot. I've yet to deploy and test the complete ELK stack, but for log collection and analysis, it's quite a good standard. Another one I'd like to explore is Prometheus. For now I've settled with Graylog as they have quite well designed customisable pipelines that...
Top