[MLB-WIRELESS] Dlink AP security hole etc.

Craig Sanders cas at taz.net.au
Tue Jan 21 21:02:16 EST 2003

On Tue, Jan 21, 2003 at 04:04:32PM +1100, paul van den bergen wrote:
> so I would be interested in hearing what versions allow uncontrolled
> patching.  and also if it is a version bug or a patch permission bug
> (or both even...  either way, it is a worry)

yeah, i'd like to know that too.  the only things i've read on it are
very unclear on whether v2.5 introduces the vulnerability or whether it
was also in previous versions.

> > if i ping from say the laptop to antifsck , then tcpdump shows the
> > arp request going out the wlan0 interface, but it never gets seen by
> > antifsck.  AFAICT, it's just being blocked by the AP.  ditto for any
> > traffic from antifsck to the laptop.  not good.
> bridging issue?

bridging or routing.

it's a bug, whatever it is.

> > 2. the second major problem is that with v2.5, the AP seems to forget
> > about clients if it doesn't hear from them for a while.
> turn off sleep mode settings?

there doesn't appear to be any sleep mode setting in v2.5 firmware.

> > i should downgrade to 2.4 firmware and see if the problem goes away.
> > but then i lose the useful ability to set the Tx power to 19dbm
> > rather than the puny 13-15dbm.
> there were some links floating around about using crafted snmp packets
> to set this... is this what you are referring to? or is it an
> interface option...

i've never heard of that before - got a URL?

> similarly, is OpenAP (http://opensource.instant802.com/) an option for this 
> machine... Hmmm </lazy>

i asked them about this on the openap list about two months ago.  they
seemed far more interested in complaining about the inadequacies of
various products (even though they might be better than the ancient,
obsolete, and unobtainable hardware they are currently using) than they
are in considering the possibilities of new hardware.

looking at the list archives, it seems a recurring event on the list:
someone comes along and asks "what about product X? could that be used
for openap?".  one or two people make serious and useful answers, then
someone will flame away about how it's nowhere near as good as the
mythical super-product that everyone wished was available and it all
goes downhill from there.

dunno.  it's possible.  i wouldn't hold my breath waiting.

> from google...
> http://www.pasadena.net/aprf/
> for Linksys WAP11, SMC MC2655W and the Netgear ME102
> excerpt from http://www.wirelessworld.com.au/DLink%20DWL900AP.htm
>     D-Link DWL-900AP 11MBps Wireless Access Point
> ...
> The DWL-900AP is essentially the same as the DWL-1000AP but configuration & 

AFAIK, it's not.  my memory may be playing tricks on me, but i
understood that the DWL-900AP+ was completely different from the


craig sanders <cas at taz.net.au>

Fabricati Diem, PVNC.
 -- motto of the Ankh-Morpork City Watch
