Results 1 to 2 of 2
  1. #1
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Central PA

    Question DHCP leakage internally?


    This will take some testing in a lab before this topic concerns me. I am interested in how dnsmasq behaves, however.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Phoenix, AZ


    Well, there's jack you can do about clients that connect to both networks at the same time. Not unless you have some sort of NAC solution to manage it. I also highly doubt that Untangle is vulnerable to any of this, largely because Untangle unlike the "routers" being tested here, is actually using relatively recent versions of all the software in question.

    This just screams of the busybox issues that appeared a few years back, fixed a decade ago but still unpatched devices in the wild because of the endless need for firmware to be actually maintained, in a society that only values cheap and disposable.

    Even the ARM version of Untangle would be vastly more modern than what's running on the average Meraki, much less the Linksys.

    Our defense of everything is built on the simple ability to update software, quickly, and efficiently. A system that cannot automatically update is useless, which makes every home router and every IOT device out there insecure by default, and impossible to secure over the long term. The fact our industry even created these monsters at all is a huge indictment of how corrupt it is.

    There will always be software issues, there is no such thing as a perfect implementation, so we'll always need software patches, and configuration audits.
    Jim.Alles likes this.
    Rob Sandling, BS:SWE, MCP
    Phone: 866-794-8879 x201

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2