Found dd-wrt installed on my router

The network is the forum.

Moderators: Steel, notfred

Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 12:35 am

So I've had an Asus rt n12 router for about 6 months now. Its been a good router and all and haven't had any problems with it except for when i came back labor day weekend. When i got back i found that none of my devices would connect and that my routers name had disappeared from all of my devices. The only thing different was the appearance of the wireless id dd-wrt. When i tried to log in to my router, i found myself at the final stages of dd-wrt setup where it asks you to make a username and password.

I'm kind of freaking out, no one in my house could of installed it cause they were gone for the weekend (and wouldn't know how to in the first place). What could of caused this?
guilmon14
Gerbil
 
Posts: 14
Joined: Wed Jan 26, 2011 4:51 pm

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 1:04 am

I see that Asus promotes their compatibility with dd-wrt so that makes me wonder if they bundle that firmware alongside their own or if their firmware is dd-wrt based(skinned). In which case I imagine a factory reset of the router should fix it, the router documentation will detail how.

I imagine somebody tried to wirelessly hack into your network while you were gone and succeeded to an extent. Perhaps it was nothing nefarious though and it was just an electrical glitch. To be safe make sure you use WPA2 security with a lengthy key and random as possible key (I use this key generator, overkill it is but I know nobody is getting into my network by brute-force). Also make sure you change the routers administrator's account name and password to something other than the default.
Intel Core i5-4670K | Asus Z87-A | G.Skill 8GB 2400MHz CL10 | Asus DirectCU II R9 290 4GB | Samsung 840 120GB |Thermalright Macho | Lancool PC-K59
puppetworx
Gerbil XP
Silver subscriber
 
 
Posts: 494
Joined: Tue Dec 02, 2008 5:16 am

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 1:14 am

puppetworx wrote:I see that [url=http://promos.asus.com/US/ASUS_DD-WRT/]
I imagine somebody tried to wirelessly hack into your network while you were gone and succeeded to an extent. Perhaps it was nothing nefarious though and it was just an electrical glitch.


There was a massive rain storm while i was gone and I did see comcast tech trucks (the ones with the lifts) driving around so i guess the power went down while i was gone.
guilmon14
Gerbil
 
Posts: 14
Joined: Wed Jan 26, 2011 4:51 pm

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 1:25 am

Paranoia is usually a good thing especially when wireless internet is involved. Reset the router to factory defaults (may or may not get rid of dd-wrt), change the admin and access passwords (they're different from what you use for web accounts...right?), change the SSID, and you should be fine.
NovusBogus
Gerbil Elite
 
Posts: 520
Joined: Sun Jan 06, 2013 12:37 am

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 5:53 am

One time I was staying at a friends house and he didn't have any internet but we found a weak unsecured signal. I connected to the persons router and flashed their firmware with DDWRT so I could increase the TX power of the router and basically adjusted everything to my liking. The person was none the wiser and I increased the signal strength to an acceptable level so my friend used it for about a whole year until he moved. True Story. :evil:
Proxicon
Gerbil
 
Posts: 27
Joined: Fri Jan 30, 2009 3:05 am

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 8:09 am

Proxicon wrote:One time I was staying at a friends house and he didn't have any internet but we found a weak unsecured signal. I connected to the persons router and flashed their firmware with DDWRT so I could increase the TX power of the router and basically adjusted everything to my liking. The person was none the wiser and I increased the signal strength to an acceptable level so my friend used it for about a whole year until he moved. True Story. :evil:


Last time I flashed with dd-wrt it required a wired connection, I definitely wouldn't trust flashing a router wirelessly. Still if it's not your router that's neither here nor there...
Intel Core i5-4670K | Asus Z87-A | G.Skill 8GB 2400MHz CL10 | Asus DirectCU II R9 290 4GB | Samsung 840 120GB |Thermalright Macho | Lancool PC-K59
puppetworx
Gerbil XP
Silver subscriber
 
 
Posts: 494
Joined: Tue Dec 02, 2008 5:16 am

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 9:42 am

The first thing I do is make sure remote management is disabled on all wireless connections.
If someone's going to hack my router, they'd at the very least need to have physical access.
jihadjoe
Gerbil Team Leader
 
Posts: 255
Joined: Mon Dec 06, 2010 11:34 am

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 11:51 am

puppetworx wrote:
Proxicon wrote:One time I was staying at a friends house and he didn't have any internet but we found a weak unsecured signal. I connected to the persons router and flashed their firmware with DDWRT so I could increase the TX power of the router and basically adjusted everything to my liking. The person was none the wiser and I increased the signal strength to an acceptable level so my friend used it for about a whole year until he moved. True Story. :evil:


Last time I flashed with dd-wrt it required a wired connection, I definitely wouldn't trust flashing a router wirelessly. Still if it's not your router that's neither here nor there...


Except it makes you a pretty bad person.
Sony a7
Sony Zeiss 55/1.8 SSM, 24-70/4 SSM
Minolta 17-35/2.8-4 D, 100-300 APO, 100/2, 500/8
TheEmrys
Minister of Gerbil Affairs
Silver subscriber
 
 
Posts: 2171
Joined: Wed May 29, 2002 8:22 pm
Location: Northern Colorado

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 12:11 pm

TheEmrys wrote:Except it makes you a pretty bad person.

Agreed. Depending on what's annoying your local Federal prosecutor, that dude may have some exposure.

As part of the day job I do wireless sweeps and see if the box is running on default configs. I will print a screenshot of 192.168.1.1 and leave it at that as I've established that I'm in.
Life is hard; but it's harder if you're stupid. Big Al.
Captain Ned
Global Moderator
Gold subscriber
 
 
Posts: 20319
Joined: Wed Jan 16, 2002 7:00 pm
Location: Vermont, USA

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 1:07 pm

So i reset my router to factory settings and went to log in i found myself at dd-wrt again (final setup make new login/password). I guess asus just puts a skin on dd-wrt and touts the stuff as their own.
guilmon14
Gerbil
 
Posts: 14
Joined: Wed Jan 26, 2011 4:51 pm

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 1:30 pm

Assuming it's legit, that's a pretty smart move on Asus' part. A lot of consumer router firmware really sucks; why reinvent the wheel?

My recommendation would be to go and download the latest firmware from their site, just in case.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 37739
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 5:26 pm

My POS Buffalo router came with DD-WRT as well - to set it up with the Buffalo firmware required extra steps (and a flash).

I was extremely happy when I realized I didn't have to do anything to actually have a usable router.
Z68XP-UD4 | 2700K @ 4.4 GHz | 16 GB | 770 | PCP&C Silencer 950 | XSPC RX360 | Heatkiller R3 | D5 + RP-452X2 | HAF 932 | 1 TB WD Black w/ SRT
Waco
Gerbil Elite
 
Posts: 747
Joined: Tue Jan 20, 2009 4:14 pm

Re: Found dd-wrt installed on my router

Postposted on Mon Sep 02, 2013 7:01 pm

jihadjoe wrote:The first thing I do is make sure remote management is disabled on all wireless connections.
If someone's going to hack my router, they'd at the very least need to have physical access.


That's a smart move too. I seem to remember there being some kind of remote management exploit with dd-wrt routers not too long ago. Asus should have provided a fix for that if they were diligent. Still, if you don't use that feature (can't think of any times I'd use it myself) better to just turn it off for safety's sake.
Intel Core i5-4670K | Asus Z87-A | G.Skill 8GB 2400MHz CL10 | Asus DirectCU II R9 290 4GB | Samsung 840 120GB |Thermalright Macho | Lancool PC-K59
puppetworx
Gerbil XP
Silver subscriber
 
 
Posts: 494
Joined: Tue Dec 02, 2008 5:16 am

Re: Found dd-wrt installed on my router

Postposted on Tue Sep 03, 2013 9:20 am

guilmon14 wrote:I guess asus just puts a skin on dd-wrt and touts the stuff as their own.

just brew it! wrote:Assuming it's legit, that's a pretty smart move on Asus' part. A lot of consumer router firmware really sucks; why reinvent the wheel?


DD-WRT is like Android, in this case. Asus uses DD-WRT as the base then modifies it a little bit to fit their needs. When Asus doesn't make weird hardware decisions, it's easy to change between the two. To go to DD-WRT on an RT-N16, the suffix on the binary needs to be changed and the NVRAM needs to be erased once the router has been flashed.

puppetworx wrote:That's a smart move too. I seem to remember there being some kind of remote management exploit with dd-wrt routers not too long ago. Asus should have provided a fix for that if they were diligent. Still, if you don't use that feature (can't think of any times I'd use it myself) better to just turn it off for safety's sake.


What exploit are you talking about? There is an exploit caused by the value adding features Asus added to DD-WRT.
Flatland_Spider
Gerbil Elite
 
Posts: 852
Joined: Mon Sep 13, 2004 8:33 pm
Location: The 918/539

Re: Found dd-wrt installed on my router

Postposted on Tue Sep 03, 2013 2:33 pm

What exploit are you talking about? There is an exploit caused by the value adding features Asus added to DD-WRT.


Turns out the exploit is pretty old (2009) so it probably doesn't apply, I thought it was more recent. Still it's better to disable that feature if you don't use it.
Intel Core i5-4670K | Asus Z87-A | G.Skill 8GB 2400MHz CL10 | Asus DirectCU II R9 290 4GB | Samsung 840 120GB |Thermalright Macho | Lancool PC-K59
puppetworx
Gerbil XP
Silver subscriber
 
 
Posts: 494
Joined: Tue Dec 02, 2008 5:16 am


Return to Networking

Who is online

Users browsing this forum: No registered users and 2 guests