An open source router built for security
Home routers are known for weak security. Turris Omnia is an attempt to build a better router through the power of open source.
Hundreds of Internet routers inhabit the IT consumer marketplace. However, the little boxes that connect our home or work offices to the Internet are continually causing a stir. At the end of November 2016, 900,000 customers of a German telecom company were cut off from the Internet for hours – and even for days – because the Speedport router supplied by the company fell victim to a denial of service attack.
Strangely enough, the attack was not even intended for the routers. Instead, the attackers wanted to penetrate the vulnerable remote maintenance interface of a completely different device type. In order to exploit an existing vulnerability of the targeted routers, and thus integrate them into a botnet, the attackers indiscriminately flooded the Internet with port-knocking packets to open a communication channel to the affected systems.
An investigation revealed that the company had left port 7547/TCP wide open on the devices; customers had warned the company as early as 2014 of this potential and completely unnecessary vulnerability, but for whatever reason, many devices were still vulnerable.
Buy this article as PDF
The bug was introduced back in 2009 and has been lurking around all this time.
The new release deprecates the sshd_config UsePrivilegeSeparation option.
Lives on as a community project
Five new systems join Dell XPS 13 Developer Edition that come with Ubuntu pre-installed.
The Skype Linux client now has almost the same capabilities that it enjoys on other platforms.
At CeBIT 2017, OpenStack Day will offer a wide range of lectures and discussions.
A major setback for the Linux desktop.
Improved support for GPU in virtualization.
News site for the openSUSE community falls victim to a Wordpress exploit.
The source code is available online.