Menu
What's new
By:
Filters Better Search

security

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. sfx2000

    CVE-2024-3094 - XZ Utils Backdoor - addtional info

    This had some traction over in AsusWRT-Addon's thread... I would post there, but the thread was closed. https://www.snbforums.com/threads/backdoor-in-linux-xz-utils-on-linux-distros.89469/ A couple of good write ups and analysis for this CVE are below...
  2. sfx2000

    This one is kind of interesting - Client and AP issues with WPA2/3

    Might have slipped below the radar - but Android and Routers have an issue here... https://www.top10vpn.com/research/wifi-vulnerabilities/ wpa_supplicant: CVE-2023-52160 IWD: CVE-2023-52161
  3. tonymet

    WPA2 Shared Secret Rotation: How to avoid downtime?

    Let's assume you like to rotate your WPA2 shared secret (SSID passphrase) once a year. How do you do it without downtime and with minimal fuss? Is it possible to do it without changing SSID? Here's how I do it: Start with existing SSID `wireless-net` Add new virtual SSID `wireless-net-A`...
  4. sfx2000

    getaddrinfo() on glibc calls getenv(), oh boy

    It's found on go, but this is something of interest to many... https://rachelbythebay.com/w/2023/10/16/env/ Be safe out there...
  5. Yota

    Plans to migrate to OpenSSL 3.0?

    The current firmware is using OpenSSL 1.1.1, which already ends support in September 2023. This means that it is no longer possible to get public security updates since last month. I still remember that it took about a year to migrate from OpenSSL 1.0.2 to 1.1.1 in 2019. I know there's so much...
    • Yota
    • Thread
    • asus asuswrt kernel libopenssl merlin openssl openssl3 openvpn security
    • Replies: 36
    • Forum: Asuswrt-Merlin
  6. torstein

    How exactly do IoT smart devices pose a threat to home networks?

    I'm just curious, how exactly does a smart lock, or a light bulb or a smart kitchen appliance pose a threat? If you have your router properly set-up, disabled UPnP, enabled the firewall and no port forwarding, then there's no way some remote hacker can enter my home network through a security...
  7. T

    Merlin Firmware and CVE\Security Patches

    Hi, I need some information about how Security (CVEs) are handled in the Merlin firmware. There is a security advisory from around two weeks ago that ASUS have released to the public saying to patch the routers to the latest version of their original firmware. I have checked the details log for...
  8. C

    OpenVPN on TCP 443 or 80

    Hello all - I have multiple VPNs types going, Wireguard (via raspberry pi not via router), IPSec on RT-AX86U, and IPSec via Instant Guard -- the last two are really just me trying them out and as alternatives to Wireguard. I am running stock firmware. They all work well and as expected. What...
  9. H

    Securing iot devices with limitations and limited budget, well try maintain flexibility.

    Topic iot devices separated from Main devices within the home, but what qualifies as Main and what qualifies as iot and how to separate them when you don't have a switch that can tag packets? I also cannot run to land cables to the router or switches that I need to as each run through the house...
  10. G

    Router VPN / Streaming / Daisy Chain Routers / Security

    Hello, I use my home network which is connected to broadband internet connection for the purposes such as streaming, financial secured web accounts, insurance secured web accounts, and health secured web accounts. More recently it seems that the streaming services that I've used a VPN are now...
    • GoldWing
    • Thread
    • daisy chain routers router vpn security streaming
    • Replies: 32
    • Forum: VPN
  11. K

    Is Anti-Virus Software A Substitute For Firmware Updates?

    A family member recently got a letter from AT&T stating that their AT&T provided Pace 5268AC gateway will no longer receive firmware updates. The letter reads: "Don't worry! Your internet access and speed will not change. However, you will no longer receive the latest security patches...
  12. S

    Best performance and security addons

    Hi, Got an simple and easy question for you guys, what are the addons for optimal performance then best addons for security? Thanks
  13. I

    Is WPS really disabled?

    Hey all, I was curious about AsusWRT, and WPS. The toggle turns off when I set it to off, but there is a section in the configuration that still says enabled. Was curious if it's possible to fully disable WPS, or if this is just a glitch in the UI. Thanks - see attached screenshot. I have...
  14. I

    Three Dumb Routers concept inroduced by Steve Gibson (2016)

    Hey guys, I was poking around and came across an old Security Now episode about the Three Dumb Routers concept. It seems as growing security threats increase, this would be a good configuration to consider. (especially with more smart devices onboard.) In my case, I have three routers I could...
    • iFrogMac
    • Thread
    • asus iot nat networking security three dumb routers tp-link wireless
    • Replies: 15
    • Forum: Routers
  15. I

    AIProtection vs Built-in Web Browser protection

    Hey all, I was curious as to what the thoughts were of AIProtection vs the built in protection of the web browsers today. I did some reading of some older threads here regarding if people recommended AIprotection, and the main verdict was yes. However, those threads were a year to several years...
  16. R

    Mac filter according to Dhcp reservation?

    Hi, In order to upgrade my security I would like to enable Mac filtering to prevent unknown device from connecting to my network what ever they know my SSID and PSK. I dont like to change my PSK periodic. This would take a lot of time with 30plus devices. Is there a way to enable Mac...
  17. S

    Spoof email purported to be from Norton

    I have an MBAM real time, which is a permanent licence - 10 years old — associated with one of the emails, which is no longer used except personal communications. I use a different email for shopping and a lot of them get forwarded via hide my IP. My AV is with bitdefender for 2 devices. It...
  18. Yota

    Tutorial How to reset encrypted admin password via SSH

    Asus and Asuswrt-Merlin have introduced encrypted passwords since 3.0.0.4.384_81790 and 384.17 firmware, which I appreciate, but I messed up a few days ago. I tried backing up all encrypted password hashes in nvram in ssh and re-writing to nvram, but I found that even though nvram didn't change...
  19. J

    ASUS Router Security

    It bothers me that ASUS routers do not provide an option in setup to prevent access to their Web management pages from the WAN. All routers I've used previously have done this, and often more, like preventing wireless login to the management pages and/or allowing only specified MAC addresses to...
  20. S

    Another firewall advice

    I have lost my second PfSense router to another friend of mine for the 2nd time in as many years! Anyway, they were on an old hardware and I was planning an upgrade; because, we have starting planning a home-automation project. We want to lockdown the network before we do anything on this...
Top