Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:security:openwrt_security [2021/03/29 12:25] – formatting vgaeteradocs:guide-user:security:openwrt_security [2022/11/06 13:10] – [I have custom packages installed...] mdvthu
Line 7: Line 7:
  
 You need to set a password on your OpenWrt root account. You need to set a password on your OpenWrt root account.
-The root account is the default OpenWrt admin account on your device. The next chapter will show you how to do this.+The root account is the default OpenWrt admin account on your device. 
 +The next chapter will show you how to do this.
  
 This page also contains some general information about security of OpenWrt and what you should do in general, to keep your router in a properly secured state. This page also contains some general information about security of OpenWrt and what you should do in general, to keep your router in a properly secured state.
Line 106: Line 107:
 ===== A word about high-value weak points on OpenWrt ===== ===== A word about high-value weak points on OpenWrt =====
 OpenWrt devices have 2-4 common services running, which kind of mark high-value targets for malware (even when only available in your LAN-zone): Any harmless looking web site, you have visited in your browser, could use cross site request forgery tricks, abusing an unpatched security flaw in one of these services. OpenWrt devices have 2-4 common services running, which kind of mark high-value targets for malware (even when only available in your LAN-zone): Any harmless looking web site, you have visited in your browser, could use cross site request forgery tricks, abusing an unpatched security flaw in one of these services.
-This could lead to malicious malware redirect attacks where [[https://secure.wphackedhelp.com/blog/wordpress-malware-redirect-hack-cleanup/#wordpress_site_redirects_to_another_site|website redirects to a malware site]] and so on.+This could lead to malicious malware redirect attacks where [[https://attack.mitre.org/techniques/T1189/|website redirects to a malware site]] and so on.
  
 These high-value services in particular are: These high-value services in particular are:
  • Last modified: 2024/01/21 19:48
  • by spectredev