Feeds

back to article Linksys vuln: Cisco responds

Cisco has identified the Linksys router affected by the vulnerability published by DefenseCode on January 14. In an e-mail to The Register, the vendor says its review shows the vulnerability only exists in the WRT54GL home router. “Following our assessment of information recently released by DefenseCode, we have confirmed a …

COMMENTS

This topic is closed for new posts.
Silver badge
Trollface

oldie but goodie

The fix was released years ago and its called tomato firmware. Tomato (and other custom firmware) was the main reason why people bought this router long after the hardware was obsolete.

12
1
Bronze badge

Re: oldie but goodie

Same here. My WRT54GL runs Tomato, does loads of fun things from web usage logging, per-client time restrictions (no midnight Skype for my kids' smartphones) secondary WiFi network for guests, openVPN client/server, variable broadcast power... It might not be the fastest router around, but I'd be hard pressed to part with it.

1
0
Linux

Better patch

A better patch is called DD-WRT, but Tomato, Gargoyle, OpenWRT and others make fine choices too! Stay away from the shoddy Fon stuff though. Seriously, does ANYONE use stock Linksys firmware on the WRT54GL?

6
2

Re: Better patch

Are you sure that these versions are not affected?

Leon Juranicvor, CEO DefenseCode confirms that this vulnerabilty does not work from the internet.

Asked whether Tomato, Robin, dd-wrt, Free-wrt are vulnerable he only points to busybox. As all of these share a common heritage I take this as a hint that all are vulnerable. In two weeks we will know more...

Quotes on Youtube:

...We're still investigating some tricks to exploit this vulnerability from the internet, but for now, yes - it seems safe from the outside of the network. Of course, unless services are available from the internet. ...

... Pause video on 1:51 my friend. It's busybox, right?. :)

0
0
Silver badge

Re: Better patch

So what about busybox? I'm not convinced that everything running busybox is vulnerable, and I'm curious what he was implying.

0
0
Silver badge

Re: Better patch

Yes if it was a universal busybox flaw than it would get a lot more press as a hell of lot of devices besides LInksys run it including most custom Android roms.

0
0
Silver badge

I collect WRT54G ver. 1 through ver. 4

They are old, cheap (~US$2.50 at junk shops), and just keep on working. I use 'em when setting up freebie 2-4 computer networks for needy families here in the North Bay (They need to come up with the loot for the DSL). The computers are usually 5+ years old, usually with between a quarter gig and half a gig of RAM, but perfectly functional. Most were saved from being scrapped by idiots who think they have to upgrade all the hardware when microsoft rolls a major rev.. The computers run Slackware (a much modified Slack12+KDE 3.X that I originally built for my technophobe Mother), the routers run Tomato.

Yes, DD-WRT is also a good option. I use it in the router in the barn's "club-house".

THAT said, know what you are purchasing when it comes to old hardware. Not all of the WRT54G series works when it comes to this kind of option. I almost never recommend Wiki, but in this case they have a fairly decent overview. See:

http://en.wikipedia.org/wiki/WRT54G

http://en.wikipedia.org/wiki/Tomato_Firmware

http://en.wikipedia.org/wiki/DD-WRT

2
0
Anonymous Coward

Re: I collect WRT54G ver. 1 through ver. 4

Yeah, seems some versions of WRT54 don't have enough flash memory to fit the DD-WRT or Tomato images in, and additionally some don't have the screw-in antennae so you can't change them, need to check HW versions to get the good ones like you say.

0
0
Go

Re: I collect WRT54G ver. 1 through ver. 4

Maybe you could even give people free internet access by means of directional WLAN antennas. Google for "cantenna". It is very simple, yet effective. Make sure you have line-of-sight, though.

You can easily get several kilometers with those surplus soup-cans.

0
1
Bronze badge
FAIL

"the vulnerability only exists in the WRT54GL home router"

"only"? Well, it's 'only' the most popular model Linksys. So that's all right then.

1
0

Re: "the vulnerability only exists in the WRT54GL home router"

i dont think the GL was the most popular. The WRT54G series (No L or GS) were probably the most popular as a series. Only a couple of versions cant run 3rd party firmware, but the firmware is limited. Adding a USB port or other storage device to them of course extended this.

0
0

Re: "the vulnerability only exists in the WRT54GL home router"

The GL is just a remake of the last version that had enough RAM and Flash for 3rd party firmware, but labelled with an "L" for Linux... It wasn't a new or different model, just renamed to avoid confusion on the shelf in shops.

0
0

legendary

My WRT54GL just wont die. Lighning storms have made the outlet it's connected to spew out fire and sparks, two summers in a row. Each time I just replaced the wallwart. The second time it happened I got a surge protector, which helped the situation in that every other outlet started spitting fire.

Losing the wallwart isn't even that big of a deal even for the internet addict, WRT54GL isn't too fussy about power, will run off of almost anything, the battery in your smoke detector (a minute or two), the batteries in that 80s boombox you still havent thrown out, or even a car battery will do, enough to tide over the addiction until the shops open and you can get new wallwart..

0
0

What about the WRT54G v4?

Did they replace the v4's firmware with the VxWorks-based firmware, or is it also affected? If I recall correctly, the WRT54GL is more or less the exact same model as the WRT54G v4. The older versions also ran the Linux-based firmwares - what about them?

0
0

My home network is composed of a WRT54G-TM as the base, and a WAP54g and Microsoft MN-700 as repeaters...all running DD-WRT. I have the WAP in my neighbor's house to serve them so they can help pay me for internet.

Begin the e-peen contest now.

0
0
FAIL

"fix" is out

not all problems fixed in new firmware.lol

0
0
This topic is closed for new posts.