Alistair Cotton
Member
Hi All
I'm hoping to get some assistance with regard to broadband router security. I've just replaced my Linux server with a single router device - Edimax BR-6215SRg.
The idea is to reduce energy consumption by using a small 12v device (planned backup inverter/solar installation).
The Linux server got good marks with a free online security test at Qualys. However, Qualys seems to find all kinds of vulnerabilities in the Edimax router.
I switched on all the logical security settings on the router which seemed to have no impact on the Qualys report. I've now also downloaded the and installed the latest firmware for the device - but not tested again as yet.
The Qualys report seems pretty bad to me, the worst of which seems to be some kind of brute force password issue on the router itself:
[Vulnerability Severity Level 5 (Urgent)] 5 NetBIOS Brute Force of Accounts
[Vulnerability Severity Level 4 (Critical)] 4 Null Session/Password NetBIOS Access
[Vulnerability Severity Level 4 (Critical)] 4 Remote User List Disclosure Using NetBIOS
[Vulnerability Severity Level 3 (Serious)] 3 Samba "receive_smb_raw()" Buffer Overflow (RHSA-2008:0288-4)
[Vulnerability Severity Level 3 (Serious)] 3 Samba Security Update (RHSA-2007-0354)
[Vulnerability Severity Level 3 (Serious)] 3 Samba "domain logons" remote code execution (Sun Solaris 238251) (RHSA-2007:1114)
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Name Conflict Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 WINS Domain Controller Spoofing Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Release Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Shared Folder List Available
Any ideas on how to obtain a better network security using the Edimax device?
Additional info:
I have 1 x "Telkom" (old generation) DSL modem.
The Edimax router plugs into the DSL modem and provides access and client ftp (the only real reason why I needed the server in the past).
The Edimax router then plugs into the network and is set up as the DHCP server for all other computers.
Help much appreciated.
Regards
Alistair
I'm hoping to get some assistance with regard to broadband router security. I've just replaced my Linux server with a single router device - Edimax BR-6215SRg.
The idea is to reduce energy consumption by using a small 12v device (planned backup inverter/solar installation).
The Linux server got good marks with a free online security test at Qualys. However, Qualys seems to find all kinds of vulnerabilities in the Edimax router.
I switched on all the logical security settings on the router which seemed to have no impact on the Qualys report. I've now also downloaded the and installed the latest firmware for the device - but not tested again as yet.
The Qualys report seems pretty bad to me, the worst of which seems to be some kind of brute force password issue on the router itself:
[Vulnerability Severity Level 5 (Urgent)] 5 NetBIOS Brute Force of Accounts
[Vulnerability Severity Level 4 (Critical)] 4 Null Session/Password NetBIOS Access
[Vulnerability Severity Level 4 (Critical)] 4 Remote User List Disclosure Using NetBIOS
[Vulnerability Severity Level 3 (Serious)] 3 Samba "receive_smb_raw()" Buffer Overflow (RHSA-2008:0288-4)
[Vulnerability Severity Level 3 (Serious)] 3 Samba Security Update (RHSA-2007-0354)
[Vulnerability Severity Level 3 (Serious)] 3 Samba "domain logons" remote code execution (Sun Solaris 238251) (RHSA-2007:1114)
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Name Conflict Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 WINS Domain Controller Spoofing Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Release Vulnerability
[Vulnerability Severity Level 3 (Serious)] 3 NetBIOS Shared Folder List Available
Any ideas on how to obtain a better network security using the Edimax device?
Additional info:
I have 1 x "Telkom" (old generation) DSL modem.
The Edimax router plugs into the DSL modem and provides access and client ftp (the only real reason why I needed the server in the past).
The Edimax router then plugs into the network and is set up as the DHCP server for all other computers.
Help much appreciated.
Regards
Alistair
Last edited: