bigkid DD-WRT Novice
Joined: 01 Aug 2006 Posts: 1
|
Posted: Tue Aug 01, 2006 10:20 Post subject: DD-WRT ChilliSpot Security Issue Resurfaced.. |
|
Hi all,
It's been a long time since my last DD-WRT experience.
Refering to the old security hole mentioned in DD-WRT old forum: http://forum.bsr-clan.de/viewtopic.php?t=2235
This issue still has resurfaced in v23SP1 (dunno about other vers).
With chillispot enabled, hospot users with manually assigned ip addresses can freely access your private lans (192.168.1.0/24) and surprisingly the internet as well, to fix this problem you need to add these to your firewall rules (i.e. rc_firewall), otherwise they can bypass ChilliSpot:
iptables -I FORWARD 1 -s 192.168.1.0/24 -j DROP
iptables -I FORWARD 1 -d 192.168.1.0/24 -j DROP
(assuming your private lan is 192.168.1.0/24)
BrainSlayer: Hope this issue is fixed for good this time.
-tony |
|