Reply to post: Re: Scary stuff

High-end router flinger DrayTek admits to zero day in bunch of Vigor kit


Re: Scary stuff

I'd be interested to know how many weren't affected who had remote management enabled but without a whitelist/specific source specified. I also had 443 open for remote management (specified URL only) and SSL VPN (any address with the right credentials). I wonder if being unable to connect via IP was what saved me? If they can change the DNS setting, could they also change the firewall rules which would have allowed their address to be reached, otherwise I'd have been protected by them and everything would have stopped.

I'm looking forward to finding out more.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019