OpenWrt Security - Overview
This is a draft of a page discussing high-level security issues for OpenWrt. It captures some of the discussion from the openwrt-devel mailing list messages at http://lists.infradead.org/pipermail/openwrt-devel/2019-August/018544.html. IT IS NOT READY FOR PRIME TIME - Please fill in details. Thanks. -Rich
This page is also under construction. Don't even look at it yet as I pull the draft together over the next day or so. Thanks. -Rich
This page gives an overview of the security issues addressed in OpenWrt firmware. For a more detailed developer-level review of OpenWrt Security, see the developer guide at: security
OpenWrt Threat Model
[is this true?] We look to the threat model of the EFF OpenWireless project for guidance:
a) An attacker using the public Internet to reach the router directly, trying to gain access to the admin UI or execute code on the router.
b) An attacker running a malicious website on the public Internet, trying to use XSS, CSRF, or similar attacks that use the router admin's logged-in session to change settings in the admin UI.
c) An eavesdropper near the router, trying to read private communications or gain access to the private network.
d) An attacker near the router who knows the private network password, trying to change settings in the admin UI or execute code on the router.
CITL Study
A recent study from CITL (https://securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/) indicates that vendors of router firmware, “Aren't even trying.” This section describes some of the concerns that their report identifies, and how OpenWrt addresses them.
... more to come...