Page 1 of 1

Weird discovery on linksys router

Posted: Wed Oct 12, 2005 7:32 pm
by Red Squirrel
Ethereal keeps showing up with Notify HTTP packets being sent to 239.255.255.250 which must be some kind of default broadcast address that it uses or something, as I've never seen that IP before, and it seems to be part of a reserved range. I'm guessing it's like a catch all broadcast address or something. Since my real network broadcast is 10.1.1.255

Anyway after examining the packets I noticed this is the page that was being accessed:

http://10.1.1.1:5678/rootDesc.xml

It's an xml document disclosing info about the router, and my guess is that it works extrnally as well.

And to be more interesting I googled this and got this:

http://www.coresecurity.com/common/showdoc...6&idxseccion=10

It's a vulnubility. :lol: Time to patch up, or something. I've been wanting to get a more high end router anyway. But when I last tried that it did not go too well (stupid netgear crap) so I may as well save up and get a Cisco Pix, which will take me a couple of days to configure but it's all good. :lol:

Archived topic from Iceteks, old topic ID:3837, old post ID:31147