DD-WRT ChilliSpot Security Issue Resurfaced..

bigkid
DD-WRT Novice
Joined: 01 Aug 2006
Posts: 1

Posted: Tue Aug 01, 2006 10:20    Post subject: DD-WRT ChilliSpot Security Issue Resurfaced..
Hi all,

It's been a long time since my last DD-WRT experience.

Referring to the old security hole mentioned in the old DD-WRT forum: http://forum.bsr-clan.de/viewtopic.php?t=2235

This issue has resurfaced in v23SP1 (dunno about other vers).

With ChilliSpot enabled, hotspot users with manually assigned IP addresses can freely access your private LANs (192.168.1.0/24) and, surprisingly, the Internet as well. To fix this problem you need to add these to your firewall rules (i.e. rc_firewall), otherwise they can bypass ChilliSpot:

iptables -I FORWARD 1 -s 192.168.1.0/24 -j DROP
iptables -I FORWARD 1 -d 192.168.1.0/24 -j DROP


(assuming your private LAN is 192.168.1.0/24)

BrainSlayer: Hope this issue is fixed for good this time.

-tony
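
One way to confirm that the two DROP rules from the post are actually in effect, as an added example that is not part of the original post or of DD-WRT: the function reads `-A FORWARD ...` rule lines (the format printed by `iptables-save` or `iptables -S`) and reports whether both rules are present and placed ahead of any ACCEPT. The function name, the sample listings and the `tun0` rules are assumptions made for illustration, and the subnet is assumed to be printed in CIDR notation.

```shell
#!/bin/sh
# Added example: constructed FORWARD listings (not captured from a router).
# The two DROP rules are the ones from the post; the tun0 ACCEPT rules are
# hypothetical stand-ins for whatever the hotspot setup adds.
ACCEPTS='-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -o tun0 -j ACCEPT'
DROPS='-A FORWARD -d 192.168.1.0/24 -j DROP
-A FORWARD -s 192.168.1.0/24 -j DROP'

SAMPLE_UNFIXED="$ACCEPTS"                 # rc_firewall left untouched
SAMPLE_FIXED="$DROPS
$ACCEPTS"                                 # rules added with -I FORWARD 1
SAMPLE_SHADOWED="$ACCEPTS
$DROPS"                                   # rules appended with -A instead

# check_forward_isolation SUBNET   (rule lines on stdin)
# Prints "isolated" and returns 0 only when FORWARD holds both
# "-s SUBNET -j DROP" and "-d SUBNET -j DROP" and no ACCEPT rule appears
# before the second of them. Conservative: any earlier ACCEPT counts, and
# jumps to user-defined chains are not followed.
check_forward_isolation() {
    awk -v net="$1" '
        $1 != "-A" || $2 != "FORWARD" { next }
        NF == 6 && $4 == net && $5 == "-j" && $6 == "DROP" {
            if ($3 == "-s") { have_s = 1; next }
            if ($3 == "-d") { have_d = 1; next }
        }
        {
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i + 1) == "ACCEPT" && !(have_s && have_d))
                    early = 1
        }
        END {
            if (!(have_s && have_d)) { print "missing";  exit 1 }
            if (early)               { print "shadowed"; exit 1 }
            print "isolated"
        }'
}

# Demo on the constructed samples: prints missing, isolated, shadowed.
for sample in "$SAMPLE_UNFIXED" "$SAMPLE_FIXED" "$SAMPLE_SHADOWED"; do
    printf '%s\n' "$sample" | check_forward_isolation 192.168.1.0/24 || true
done
```

On a system where `iptables-save` is available, the live rule set can be piped in the same way: `iptables-save | check_forward_isolation 192.168.1.0/24`.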