[isf-wifidog] WiFiDog Security problem?
Benoit Grégoire
bock at step.polymtl.ca
Lun 5 Nov 16:09:23 EST 2007
On 5 November 2007, Jeff Schallenberg wrote:
> I am working with Montérégie sans fil (MSF)
> http://www.monteregiesansfil.org. Our auth server is running changeset 1276
> of WiFiDog, not the most recent one.
>
> I have just flashed a WRT54GL with WiFiDog, and I decided to test it on my
> home LAN before demonstrating it for our customer (Ville de Brossard).
>
> I am sitting in my living room, writing from my laptop, connected to the
> SSID: "MSF-Brossard-Bibliothèque", gateway IP 192.168.5.1, which is in my
> den, connected to a LAN port of my main home router - another Linksys
> WRT54G, version 5, whose IP is 192.168.1.1. The problem is, I can LOGIN to
> my home router from the MSF router :-(
>
> I don't think I should be able to get web pages from another subnet, should
> I?
>
> Is this a known security "hole" that must be corrected on the WiFiDog
> router (in wifidog.conf)?
It's not a "hole", in the sense that wifidog.conf (as distributed by the
wifidog project) has sample configs to block access to upstream LAN if so
desired. Aparently, the MSF firmware chose not to implement this block.
Plus d'informations sur la liste de diffusion WiFiDog