[TriLUG] Anybody using DD-WRT?
Brian Daniels
bitmage at pobox.com
Fri Aug 1 09:11:41 EDT 2008
So, to follow up from my original...
I got the following reply from BrainSlayer, the dd-wrt dev:
"it was implemented years ago for a customer, since we are maintaining the
networks in a small town here in germany.
these both ip's arent valid anymore and i removed it from my code as well
yesterday.
but thanks for finding it."
Apparently it's a backdoor created for a customer that got left in by accident
on the main builds. As noted by Jason upthread, the code is full of worrisome
things. A bunch of IFDEFs that create firewall openings and account/password
combinations. Obviously for different customers, but having them in the main
tree seems like a bad idea to me.
Few people are going to build the firmware binaries themselves, so most won't
know what IFDEF options are active in the build they're using. Hopefully there
aren't any other forgotten ones from years ago.
It's a sobering reminder about trusting code. It was almost by chance that I
found it - had I not wanted to do something a little unusual with allowing
outside access, I wouldn't have looked at the raw iptables rules at all. DD-WRT
has been around for a while, seems well-trusted, and I would have assumed that
it was creating a secure firewall.
As it is, that string of IFDEFs bothers me enough that I won't be using DD-WRT
any further. Of course, it's not like I have the time/skills to do a code audit
on OpenWRT or Tomato. You gotta trust somebody...
--Brian
--
Be it thy course to busy giddy minds
With foreign quarrels; that action, hence borne out,
May waste the memory of the former days.
Henry IV, Part 2
Brian Daniels bitmage at pobox.com
http://www.eviloverlord.net
More information about the TriLUG
mailing list