Warning: in_array() expects parameter 2 to be array, string given in /virtual/theblogs.bestsolution.at/httpd/htdocs/wp-content/plugins/google-one/google-plus-one.php on line 344

Warning: in_array() expects parameter 2 to be array, string given in /virtual/theblogs.bestsolution.at/httpd/htdocs/wp-content/plugins/google-one/google-plus-one.php on line 346

Linksys RVS4000 telnet madness


Warning: in_array() expects parameter 2 to be array, string given in /virtual/theblogs.bestsolution.at/httpd/htdocs/wp-content/plugins/google-one/google-plus-one.php on line 344

Warning: in_array() expects parameter 2 to be array, string given in /virtual/theblogs.bestsolution.at/httpd/htdocs/wp-content/plugins/google-one/google-plus-one.php on line 346

Our company’s network access is implemented by an ordinary DMZ style configuration, with one firewall being directly at the outside and one internal firewall shielding the internal net from the DMZ.

For various reasons we had to replace our internal firewall and decided to go with the (affordable) Linksys RVS4000 [1], mostly because it runs Linux and equally imporant it offers QoS and gigabit ethernet.

Due to some problems with getting QoS doing what I wanted, I decided to look for options to directly access the box using telnet or even better ssh.

Telnet access can be easily activated by browsing to
http://$ROUTER_IP/Hidden_telnet.htm but guess what happens after activating it …

It allows you to log into the box as root without any password and the worst part of all, it even opens the telnet port to the WAN side, leaving the box completely open for any kind of attack – if could be even regarded as an attack then …

Using some kind of firewall trick you can at least reroute WAN access to nirvana, but having a passwordless telnet running even on the internal side is unacceptable. Absolutely weird for a “business” device.

[1] http://www-at.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=AT%2FLayout&cid=1174609010863&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=1086318843B01

Spread the love

5
Leave a Reply

avatar
4 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
Peter BrimacombeUdo RaderWilliam L. DeRieux IVAnonymous Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Anonymous
Guest
Anonymous

this is because this is a hidden feature, likely intended for debug and development, not for use while in production

Anonymous
Guest
Anonymous

@Anony – WHAT? What’s the point if it’s not secured and everyone can access it after little Googling.

William L. DeRieux IV
Guest

Well, the best way (as for debugging, etc) is to:
1) enable it
2) do whatyou need to
3) disable it…(never leave it enabled by default)

Udo Rader
Guest

yes, exactly. Just be aware that once you enable telnet, it is accessible from the WAN side without password as well.

Peter Brimacombe
Guest

that’s the worst!

Post Navigation