I started an FTP server quite a while ago hosting CFE's.. Since, there has been a few other files added.
I thought it would be a convenience for a user to go to my ftp site instead of plowing through threads that are 20+ pages to find a cfe.
Hosted are cfe's, OEM firmware, Some older dd-wrt firmware that was removed (pre 2011), flash chip data sheets, broadcom cfe programming instructions etc..
I get a few PM's in which a user bitches about being banned from the server (IP address).. Time to clear up the rules..
1). If your ftp client tries to log in with an "anonymous" user ID, you have 10 tries to get it right.. After that, the server thinks it is a hammer and automatically bans your ip. Don't let your ftp client attempt to login as "anonymous".
2). This is important.. Any attempt to access the rest of the my ftp site that is accessible via user name and password is futile. The old tricks of /../ (dot dot), as well as others (upload a php file, try to delete needed ftp config files, etc.) I see and laugh about, will not work. dd-wrt is only a small part of what I have running. Any attempt to "hack" the site.. not only makes me laugh, but does result in an IP ban. This all happens automatically with no intervention by me. I realize that most users have dynamic IP's.. does not matter.. Your new IP will also be banned (automatically), assuming you again try to access parts which are not allowed or "hack" the site.
The ftp site is running on a real computer with all kinds of protection.. It is not running off the router so the old linux hacks.. just will not work. You guys can keep trying though..
The schedule:
The rig running the ftp site restarts every morning @ 4:00am CST (-6 UTC). Every Sunday morning, the NAS drives get imaged (actual time varies.. Typically, the image starts between 8:00am and 10:00am and takes about an hour). During this time, the site may not be available.
Cheers!
EDIT: THE OLD CFE COLLECTION PROJECT WITH UPLOADS FOR DIFFERENT ROUTER CFE's CAN BE FOUND HERE:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=25971
You can still download CFE's that are available in that thread, but it is long and takes a lot of wading to find your CFE. The server that Barryware hosts is much more organized and contains all the CFE's that are in the thread. _________________ [Moderator Deleted]
Last edited by barryware on Fri Mar 01, 2013 19:51; edited 4 times in total
Ah, the joys of having a server forwarded to the outside world, as well as going through server logs of futile hacking attempts. Provides hours of entertainment! _________________ James
Main router:
Netgear R7000 overclocked to 1.2GHz - DD-WRT v3.0-r35965M kongac
IPv6 6in4 (HE.net), OpenVPN (with PBR and split tunnelling), Entware, dnsmasq with ipset
Well, since people use dynamic IPs you should consider blocking them for a month and then allowing them again. Otherwise, innocent people will be blocked. I thought that real crackers only attack servers through tor. _________________ 2 times APU2 Opnsense 21.1 with Sensei
2 times RT-AC56U running DD-WRT 45493 (one as Gateway, the other as AP, both bridged with LAN cable)
3 times Asus RT-N16 shelved
E4200 V1 running freshtomato 2020.8 (bridged with LAN cable)
3 times Linksys WRT610N V2 converted to E3000 and 1 original E3000 running freshtomato 2020.8 (bridged with LAN cable)
Joined: 26 Jan 2008 Posts: 13049 Location: Behind The Reset Button
Posted: Wed Feb 15, 2012 15:13 Post subject:
One more thing I see all the time...
If you have visited the site before, depending on what you are using for an ftp client, you should clear your cache..
For instance, there may have been a file someone uploaded to the "new uploads" folder. Once in a while, I check what has been uploaded and move it to the right place. So.. the file no longer exists in the "new uploads" folder.
Many times a user will try to download the file that no longer exists and they get an "access denied", "file not found" or some other type of error depending on the client. Typically this happens if you use your browser as the client and the folder is cached.
Frequent users use a freeware program called "FTP Commander". It does not login as anonymous, if the download blows out it will pick up where it left off. It allows complete folders to be downloaded instead of file by file, and it refreshes so if a file was moved or deleted, it will not show as existing in the folder. _________________ [Moderator Deleted]
Joined: 26 Jan 2008 Posts: 13049 Location: Behind The Reset Button
Posted: Sat Feb 18, 2012 14:46 Post subject:
This is what I am talking about in regards to clearing your clients cache.. the file the user is looking for has not been in the "new uploads" folder for weeks & weeks.
Joined: 08 Feb 2012 Posts: 13 Location: North coast - Ohio, USA
Posted: Sat Feb 18, 2012 16:20 Post subject: Posting/Uploading CFE files
Glad to see you still working on this; why, you're a regular 'Pioneer'!!
Some confusion on my part about this project (if there is currently an FAQ, I have yet to find it...)
I attempted to email a .cfe to the address shown in Eko's "sticky" to this address: "cfe dot backup at yahoo dot co dot uk" from this thread:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=25971
Only to have it "bounce" - aol says user does not have a valid email account at 'yahoo.co.uk' (i do see a note referencing YOUR ftp on page 9 - possibly that should go on page ONE and retire the big bold red lettered yahoo.uk address that doesn't work?
BUT...
before I upload/email/post as a reply to this thread (or the original thread) some junk you can't use/already have...
...Some questions (oh, jeeze; back to the missing/hard(impossible?) to find FAQ...
Does the .cfe file change from dd-wrt version to version?
... (i.e. - do you want both my .cfe's from svn 13046 AND 14929 for a given router? Just one from any given router?)
... Is the .cfe from a wrt54gs v 1.0 and v7.0 the same? (I'm guessing not)
... I'm interested in using a compressed .cfe to load micro-plus on a "neutered" router; is it better to use a .cfe from your ftp site, or compress my own?
thanks for all your good works! -bob
(P.S. - I'm voting for retire and/or replace Eko's Sticky with YOURS - ) _________________ WRT54GS v7.0
v24sp2 build 14929
Posted: Sat Feb 18, 2012 18:12 Post subject: Re: Posting/Uploading CFE files
BobAT286 wrote:
...Some questions (oh, jeeze; back to the missing/hard(impossible?) to find FAQ...
Does the .cfe file change from dd-wrt version to version?
... (i.e. - do you want both my .cfe's from svn 13046 AND 14929 for a given router? Just one from any given router?)
... Is the .cfe from a wrt54gs v 1.0 and v7.0 the same? (I'm guessing not)
... I'm interested in using a compressed .cfe to load micro-plus on a "neutered" router; is it better to use a .cfe from your ftp site, or compress my own?
thanks for all your good works! -bob
1. No, it does not change. Not even a little bit. CFE is stable and protected.
2. Almost ALL CFE's are different for every make, model AND VERSION NUMBER of router. However, except the mac address, they are the same for the same make, model and version number of router, and a cfe from a wrt 54g v8.0 can be used in another wrt54g v8.0 and the router will work. (It could not be used in a wrt54g v8.1 or any other router version though)
3. Compress your own. Your CFE contains your mac address. You would have to hexedit it in if you used one from this site. Also compression is easier than jtag and doesn't require soldering.
Also, you don't need to email a cfe anymore. It can be attached to your post if it is not available and you wish to share it.. _________________ SIG:
I'm trying to teach you to fish, not give you a fish. If you just want a fish, wait for a fisherman who hands them out. I'm more of a fishing instructor.
LOM: "If you show that you have not bothered to read the forum announcements or to follow the advices in them then the level of help available for you will drop substantially, also known as Murrkf's law.."
Joined: 08 Feb 2012 Posts: 13 Location: North coast - Ohio, USA
Posted: Sat Feb 18, 2012 20:08 Post subject: What's that URL again?
Murrkf,
Thanks for the reply. In double-checking to make sure BarryWare had the 256K cfe for my router (I knew he had the compressed one, and, yeah, turns out the big one as well) but...
I went to look for the ftp address... The 1st post above has the login info, but not the url!
For your cutting and pasting convenience:
url=ftp://ftp.barryware.net
if someone would like to add it to the post at the top of the thread.
best regards -bob
Murrkf edit: Thanks for pointing that out. Fixed. _________________ WRT54GS v7.0
v24sp2 build 14929
Joined: 23 Feb 2012 Posts: 9 Location: Capelle aan den IJssel, The Netherlands
Posted: Thu Feb 23, 2012 9:44 Post subject:
Hey Barryware,
Noticed the ftp site is down, would it be possible to fetch the entire directory somewhere ? then ill place it on one of my mirror servers for everyone to use.
As im running my own hosting company, and as a big fan of the dd-wrt community, i would like to do something back, and those mirror servers have bandwidth enough spare.
Joined: 26 Jan 2008 Posts: 13049 Location: Behind The Reset Button
Posted: Thu Feb 23, 2012 13:20 Post subject:
evharten wrote:
Hey Barryware,
Noticed the ftp site is down,
Been without phones and internet since 1:00am cst (thursday). Called my isp which is a feat with no phones. They say it was planned maintenance / upgrade of the fiber system but something went wrong.
Edit: @ 8:50am, internet is back & ftp is up. _________________ [Moderator Deleted]
Joined: 23 Feb 2012 Posts: 9 Location: Capelle aan den IJssel, The Netherlands
Posted: Thu Feb 23, 2012 15:49 Post subject:
Ok mirrored all files, ill put up the mirror online tomorrow, if you dont want certain folders from within the FTP public please let me know! then i'll exclude those.