Joined: 16 Nov 2015 Posts: 6436 Location: UK, London, just across the river..
Posted: Wed Nov 16, 2022 16:35 Post subject:
Yep, it was odd to me too, I usually have only ssh (key ciphered) as a remote mng...
48865 is too old and has lots of security holes and missing updated binaries.. better move to the most recent 50841.. then reset and manually rebuild settings...
_________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5GHz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS | DNSCrypt v2 by mac913
If you enable remote management, ssh and https are enabled by default.
_________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
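The reply above points out that turning on remote management also enables ssh and https on the WAN side, and the earlier post recommends key-only ssh as the sole remote path. The following shell script is an added example (not from the thread or from the DD-WRT project) that audits an `nvram show` dump for exactly that exposure. The nvram key names it reads (remote_management, sshd_enable, sshd_passwd_auth, sshd_authorized_keys, http_enable, https_enable) are assumed DD-WRT keys, and the dump it runs on is constructed, so it works offline.

```shell
#!/bin/sh
# Audit a DD-WRT `nvram show` dump for remote-management exposure.
# Added example; the key names below are assumed DD-WRT nvram keys and the
# sample dump is constructed, not captured from a real router.

# Constructed sample, standing in for: nvram show 2>/dev/null
SAMPLE_NVRAM='remote_management=1
sshd_enable=1
sshd_passwd_auth=1
sshd_authorized_keys=
http_enable=1
https_enable=1
wan_proto=dhcp'

# nvram_get DUMP KEY: print the value of KEY from the dump (empty if absent)
nvram_get() {
  printf '%s\n' "$1" | sed -n "s/^$2=//p" | head -n 1
}

# audit_remote_access DUMP: print one WARN/OK line per check
audit_remote_access() {
  dump=$1
  if [ "$(nvram_get "$dump" remote_management)" = "1" ]; then
    echo "WARN remote_management=1: web admin reachable from the WAN side"
    # per the thread, enabling remote management also exposes ssh and https
    [ "$(nvram_get "$dump" sshd_enable)" = "1" ] && \
      echo "WARN sshd_enable=1 with remote management: SSH reachable on the WAN"
  else
    echo "OK   remote_management is off"
  fi
  if [ "$(nvram_get "$dump" sshd_passwd_auth)" = "1" ]; then
    echo "WARN sshd_passwd_auth=1: SSH accepts passwords (prefer key-only)"
  fi
  if [ "$(nvram_get "$dump" sshd_enable)" = "1" ] && \
     [ -z "$(nvram_get "$dump" sshd_authorized_keys)" ]; then
    echo "WARN sshd_authorized_keys empty: no key installed, so only passwords work"
  fi
  if [ "$(nvram_get "$dump" http_enable)" = "1" ]; then
    echo "WARN http_enable=1: admin UI also served over plaintext HTTP"
  fi
}

# count_warnings DUMP: number of WARN lines (0 means nothing flagged)
count_warnings() {
  audit_remote_access "$1" | grep -c '^WARN' || true
}

# On a router you would run: audit_remote_access "$(nvram show 2>/dev/null)"
audit_remote_access "$SAMPLE_NVRAM"
```

Run on a router it reads the live dump; the constructed sample above flags all five checks, while a dump with remote management off, password auth off and a key in sshd_authorized_keys produces no warnings.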
Just did an nvram erase && reboot,
then did a firmware upgrade.
Remote access is enabled by default (which, intuitively, it has to be for someone managing dd-wrt remotely).
I am still concerned, someone with root access could have done anything. This is properly fucked, I really fucked up here. Does the firmware upgrade effectively erase everything on there?
I am not a Linux/Unix guru, and I don't even know how/where software would be installed. I'm thinking of wiping the drive completely, then re-installing dd-wrt the hard way, manually. How does the registration/serialization of dd-wrt for printer and USB support work?
_________________ Google is Spyware
You should consider doing the update with the machine unaware of any network, whatsoever. Also, you overwrite the entire drive when you flash x86. Furthermore, if you have problems resetting to defaults, etc., you have to wipe the drive (write zeros):
https://wiki.dd-wrt.com/wiki/index.php/X86
_________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
You should consider doing the update with the machine unaware of any network, whatsoever. Also, you overwrite the entire drive when you flash x86. Furthermore, if you have problems resetting to defaults, etc., you have to wipe the drive (write zeros):
Without knowing how the passwords were compromised, secure-erase any local computers or, at the very least, run scans.
I would backup everything, start over then scan images later offline or maybe sandbox or VM such as VirtualBox.