[Coco] My web page

Louis Ciotti lciotti1 at gmail.com
Tue Jan 7 15:47:54 EST 2014


I must say in all the years I have have the various broadband internet services I have never had any of the various routers I have had over the years hacked....   Not even an old headless 486 running Linux I used to share my ISP connection before routers were cheap.  The 486 ran for years unattended until the hard drive failed.  And even then it took a power failure for me to even notice it.  

Sent from my iPhone

> On Jan 7, 2014, at 3:25 PM, Gene Heskett <gheskett at wdtv.com> wrote:
> 
> Greets all;
> 
> Sometimes you have to be a little schmardter than the average bear.
> 
> I got tired of noting the extremely poor upload performance of my buffalo 
> hi-power router in recent weeks, a speed test showed what should have been 
> a 2 megabit upload speed was actually doing under 100k bits a sec.
> 
> So I tried to reset it and reflash it, but managed to about half brick it 
> because I couldn't find the reset button, turns out you have to snap the 
> snap on base off it for access to the reset button hole.
> 
> But when I put another netgear in its place, I DHCP'd a different IP 
> address from the one my registered name below points at.  Not good.  I 
> found a mini-dd-wrt install for it and put that in.  Same but wrong 
> address.
> 
> Called shentel, who gave me a run-around about how my address was dynamic.  
> Wanted to charge me another 5 bucks a month for a fixed address, but it 
> wouldn't be the old one.  Then they wanted the MAC from my router so they 
> could set it up, and the leds all came on spelling out _bingo!_
> 
> So I reset the Buffalo, hooked it up long enough to get its DHCP derived 
> address, which was indeed the old one and wrote down its WAN MAC.  Then I 
> switched cables around, logged into the netgear, and "cloned" that MAC into 
> its WAN port.   Bingo was right, and after a minor adjustment to httpd.conf 
> since this router cannot port forward AND translate the port #, so it is 
> now listening on port 6309, and my web page should be back up and 
> accessible again.
> 
> That netgear, a WNR-3500U/WNR3500L, running its own firmware, did not last 
> the night last night, when I woke up this morning it was working, but my 
> username and password had been changed.  Black Hat or NSA, same diff, 
> somebody got in and played.
> 
> There are not any backdoors in dd-wrt since its not even a US built 
> software.  I highly recommend it, if your router has enough flash and ram 
> to handle it.  The failed buffalo has 32 megs of flash, and 16 megs of ram 
> so it can do it all in one swell foop.  The netgear is much more resource 
> limited, so the install is a 2 step install, but it will fit in the 4 megs 
> of flash in that unit and do 95% of what the full version can do.  Setup a 
> decently long username and password, and NSA will be forced to use their 
> still a long ways from ready, Quantum computer to hack it before the 
> universe runs down.
> 
> Gotta love it when a plan comes together.  In the meantime I'll buy another 
> buffalo or similarly souped up router now that I know how to make the 
> switch invisible to shentel. :)
> 
> Now, if that pair of SALT chips would appear, but I think they may be 
> sealed in a bottle, thrown in the harbor in Shanghai so it will drift to 
> the US eventually.  I hope...
> 
> Cheers, Gene
> -- 
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author)
> Genes Web page <http://geneslinuxbox.net:6309/gene>
> 
> Chicago law prohibits eating in a place that is on fire.
> A pen in the hand of this president is far more
> dangerous than 200 million guns in the hands of
>         law-abiding citizens.
> 
> --
> Coco mailing list
> Coco at maltedmedia.com
> http://five.pairlist.net/mailman/listinfo/coco



More information about the Coco mailing list