After takin' a swig o' grog, Terry Porter belched out
this bit o' wisdom:
> Hadron wrote:
>
>> Terry Porter <linux-2@xxxxxxxxxxxxxxx> writes:
>>
>>> I've made up probably 30 WRT54GL's with OpenWRT for WiFi clients over the
>>> last 3 years.
>>
>> That would explain a lot.
>>
>> From the OpenWRT web page:
>>
>> http://it.slashdot.org/article.pl?sid=09/03/23/2257252
>>
>> ,----
>> | OpenWRT/DD-WRT devices all appear to be vulnerable.
>> `----
>>
>> Terry "Telnet" Porter strikes again ....
>
> Thanks for the laugh dimwit.
I'm having trouble distinguishing Hadron from DFS on this one. Why?
Because, like DFS, Hadron only posts the half of the story that fits his
anti-OSS agenda. He left this out:
Just a little clarification regarding the article [1] recently posted on
/. about a stealth router-based botnet [2]:
- OpenWrt blocks any open port from the WAN side by default ;
- OpenWrt does not provide a "default" password ;
- Any device with weak passwords that can run the binary is vulnerable ;
- As far as we know, there is no core vulnerability in OpenWrt requiring
a security fix.
If you opened SSH on the WAN port, ensure you use a strong password for
your "root" account, or disable password authentication and rely on key
based authentication.
Yours truly,
--
The OpenWrt team
Oh dear! Hadron told a "porkie". Of course, if I followed Tim
Smith's advice, I'd let it lay, so Hadron's silly little FUD would go
uncontested.
--
"Not Hercules could have knock'd out his brains, for he had none."
-- Shakespeare
|
|
