To be clear ... when I talk about Redmond education, this is not about the product, but the policy of "assistance" (I'm not sure about the correct English translation). I mean the user is treated as a dummy, always needing to be assisted, so as a result users could become nuts, never thinking by themselves, always waiting for someone to do things for them.
Hey, fine with me just willing to make a point,
nothing more and the point is that... there's no
need for a flame; if the folk didn't notice there
was a vuln in DD-WRT till now then... up to him,
as long as he doesn't make it up with the DD-WRT
team which, all in all, fixed the hole time ago
AND sent around announces (heck, the issue was
disclosed and discussed around quite a lot at the
time); aside from that, I agree about the fact that
a lot of users are expecting to go on "autopilot"
and don't want to "think" yet some kind of
automatic "notice checker" embedded into DD-WRT
would imVVHo be a good thing; there aren't just
"lazy admins" around, there are "busy admins" too
and while this doesn't justify them I may understand
how things may "slip"
There should be a method of notification when necessary (opted by each user of course), if only in the paid version. Security flaws are sort of a big deal, this is how companies like Redhat stay in business....notifications and patches to security flaws/vulnerabilities. DD-WRT paid is no different, or at least it shouldn't be. _________________ Eko Builds
Is it possible to tell if you've been a victim of this exploit? I got a warning from my ISP stating that my IP has been logged brute forcing accounts on another server. I'm 99.9% sure it's not one of my computer nodes, but I believe it might be the router that is doing this. How can I tell? Would updating the router solve the issue as well as clean it of any harm that may have already been done?
What server's IP address? I heard MDW (mydroidworld) got attacked by DDOS a couple of days ago. _________________ Eko Builds
I will have to look when I get back home, don't remember it by name. My ISP took my Internet down, so I went to a friend's house. I updated the FW on my router to the latest version, just hoping there isn't some kind of rootkit on the router now, since this essentially gives them full control over it.
I think the IP started with a 62., I will post it up when I get home. Kind of curious on whose network it is myself.
They told me it was just doing port scans and brute force attacks on port 22 (SSH)
The original post was dated a year and more ago. Do you have
new insight into the problem? At least, how did you connect
it to the message you got?
I mean look at this forum, the wiki, the main page. I think this firmware is extremely well documented and taken care of. (all things considered)
Almost too well documented, too much (conflicting, out of date) documentation!
It would be nice to have (and this is easy for me to say, as a mere non-contributing user):
- an RSS feed, supplying only security advisories
- an RSS feed, supplying all new software release information (fixed, new, etc.)
that way those of us who aren't actively reading the DD-WRT website and forums day in, day out, can get a notification in our favourite RSS feed reader (or, with rss2email tools, if you like email*) when there's something that needs everyone's attention.
(* I like email too, but I get a lot of it. Sometimes, for a specific bit of software I'm actively using, I like to have another means of seeing 'important news'.)
Posted: Sun Aug 29, 2010 13:15 Post subject:
Not sure what is wrong with this RSS feed, but you might try it, may even like it!
yes, there is, and I'd spotted that already and looked at it, but it's not really all that useful to anyone not intimately familiar with the source code and actively working on the project - it's a (terse) source code commit log coming out of TRAC.
As far as I can tell the builds are being created at certain changeset points, but there's nothing that seems to even accumulate those changeset messages. Even something that said:
28/07/2010
new build svn14853 includes:
14849 - override firewall for this interface if aoss is running
14850 - some spanish tran update, thx samueldg
14851 - adjusted channel selection in setup assistant
14852 - for US-EU only builds
14853 - ddns: this seems to work OK, tested with # and ( ...
could help (I suspect it would be far more useful to most of us than seeing all the commits as they are made). If there is something like this then I've not yet found anyone referring to it.
Instead, forum threads for each new build consist of people randomly testing to see if their own problems have been "magically" solved.
Don't misunderstand me - I'm glad that people are doing all this work on this project (it's certainly just helped me get some better use out of hardware crippled by a vendor's own software), but I think a whole lot of everyone's time could be saved in forum reading, posting, and wiki-searching/reading, if there were an authoritative feed of new builds and what they aim to fix.
But, coming back to the main discussion of this thread, about notification of security vulnerabilities.
Every OSS project ought to have a clearly identified place where such notifications will be made, and clear mechanisms for users to be proactively informed (be that a specific security announcement mailing list, RSS feeds - preferably several ways.) A source code commit log isn't it.
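The per-build digest described in the post above, as an added example that is not part of the original thread and is not DD-WRT project code: it groups changeset messages under the build that first contains them, renders them in the format shown in the post, and pulls out entries that look security-related for a separate feed. The function names, the keyword heuristic, and changesets 14848 and 14854 with their messages and the 21/07/2010 date are assumptions constructed for illustration; the other entries are the ones quoted in the post.

```python
import re
from bisect import bisect_left

# Heuristic only (assumption): a real advisory feed needs maintainers to tag fixes.
SECURITY_RE = re.compile(r"\b(security|vuln\w*|cve-\d{4}-\d+|exploit\w*)\b", re.I)

def group_by_build(commits, builds):
    """commits: {rev: message}; builds: {build_rev: date}.
    Each changeset goes to the first build whose revision is >= its own;
    changesets newer than the last build are left out (not yet released)."""
    build_revs = sorted(builds)
    grouped = {rev: [] for rev in build_revs}
    for rev in sorted(commits):
        i = bisect_left(build_revs, rev)
        if i < len(build_revs):
            grouped[build_revs[i]].append((rev, commits[rev]))
    return grouped

def render_build(build_rev, date, entries):
    """Render one build in the digest format proposed in the post."""
    lines = [date, f"new build svn{build_rev} includes:"]
    lines += [f"{rev} - {msg}" for rev, msg in entries]
    return "\n".join(lines)

def security_entries(grouped):
    """(build_rev, rev, message) for changesets matching SECURITY_RE."""
    return [(b, rev, msg) for b, entries in sorted(grouped.items())
            for rev, msg in entries if SECURITY_RE.search(msg)]

# Sample data: 14849-14853 are quoted from the post; the rest is constructed.
COMMITS = {
    14848: "security: constructed sample fix",                # constructed
    14849: "override firewall for this interface if aoss is running",
    14850: "some spanish tran update, thx samueldg",
    14851: "adjusted channel selection in setup assistant",
    14852: "for US-EU only builds",
    14853: "ddns: this seems to work OK, tested with # and ( ...",
    14854: "constructed sample commit after the last build",  # constructed
}
BUILDS = {14848: "21/07/2010", 14853: "28/07/2010"}  # 14848 entry is constructed

if __name__ == "__main__":
    grouped = group_by_build(COMMITS, BUILDS)
    for rev in sorted(grouped):
        print(render_build(rev, BUILDS[rev], grouped[rev]), end="\n\n")
    print("security-only feed:", security_entries(grouped))
```

A keyword match will miss fixes whose commit message does not mention security, so a security-only feed still depends on maintainers marking those changesets deliberately.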