1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Router hacked via iptraf in promiscuous mode

Discussion in 'Asuswrt-Merlin' started by dugaduga, Dec 6, 2018.

  1. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    I had installed iptraf via entware just to mess around a bit with monitoring... after enabling promiscuous mode, I was seeing packets flying around from the local neighborhood/node... soon browsing became largely unresponsive, and the router logs were showing some strange activity; eventually all activity was broken, including dropbear. Could not even log into the router. Had to hard-reboot the router and everything went back to normal; had read later that promiscuous mode can present security threats to wan facing gear (presumably with inadequate permissions security) Lesson learned!
     
  2. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    I guess this is why wireshark warns users and requires a few extra steps to enable analyzation securely under linux.
     
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,321
    Location:
    UK
    So nothing to do with hacking then. :rolleyes:
     
    ryzhov_al and JDB like this.
  4. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    @ColinTaylor, Well I presumed it did after reading this anyway and noting all the vulnerabilities constantly patched within wiresharks passive packet sniffing software, cause I had never experienced such a hang before; though for all I know the software may have simply hung the router.

    "Enabling promiscuous mode could spell doom for your virtual network security, especially if inexperienced IT pros are at the helm. So take caution." https://searchservervirtualization....iscuous-mode-affects-virtual-network-security