130 replies to this topic

[Robinson]

SSH may be simpler if you aren't exchanging large files. And it doesn't involve as much setup.
http://www.milosoftw...p?body=dropbear
You can use this also to setup connections between boxes and tunnel any traffic over it securely.

 

What happens when I re-flash the box?

What should be done to avoid creating the keys again?

[MiLo]

Autobackup will save and restore the keys automatically.

[Robinson]

OK, but if I don't want to use Autobackup?

Let's say I want to make sure my box will be completely fresh after re-flash without any possible litter?

What files/folders should I copy before re-flash and restore afterwards?

[kermith]

Damn, I will have to quicken my safe setup.

There was another trespass in my Vu+ last night. I don't understand what the point is for the intruder to set an address to another share than my Oscam at home.

I haven't noticed anything since my channels on my TV was working but then all of a sudden my channel list was greyed out when I tried to switch the channel so that got the red flag up.

 

Also I just realised that my password to my WEBIf was ok, but when I tried to logon in to my VU+ through FTP and Telnet the password didn't work.

Didn't know I could set different passwords for different services.

 

Jeez, all router settings like portwareding I have now killed.

OpenVPN here I come. Glad it's christmas time, so I'll have a lot of spare time

[kermith]

By the way, tried to do a Factory Reset on my VU+ to skip hassle with the USB flash drive. But the Factory Reset is not a good name for it since it doesn't wipe your box completely to s when I got it.

All files passwords etc are still there after the reset. So a name change would be in place.

For me Factory Reset means wiping ALL stuff out and just have a bare bone clean box.

Edited by kermith, 8 December 2016 - 15:16.

[SpaceRat]

There was another trespass in my Vu+ last night. I don't understand what the point is for the intruder to set an address to another share than my Oscam at home.

Simple: They don't know it's "your" oscam at home, they just see there is a CS-Server you use.
They add your server to their oscam to get access to it and in the best case they then hook your oscam to theirs (To avoid multiple logins on the CS-Server, which would happen if you were also still connecting to it).

Or they are just fooling around to show you that everything is wide open.
If you happen to watch MTV, Fundorado TV or Megamax a lot the last weeks, it's me switching your channels and you got no decent pay TV (Else I would have zapped to Hustler TV or Brazzers TV).
Building new images/packages sometimes takes quite some time and zapping other people's E2 box is a quick and non-demanding amusement, especially when all the tabs are already open *vbeg*

Quite impressive how long people just try to zap back before they finally close the ports ... the most patient one is still having fun.

[kermith]

Great Post @SpaceRat. I just don't get the point, to connect me to their servers. They are handing me a cline for free and what they want in return?
I suspect they want to stream from it as "a payment". I would have never seen it if I suddenly had an greyed out list in my channel listing. 

 

Or, as you say, they just wanna make me feel like an idiot. Well in that case the have succeeded

 

Also, as I wrote, how is it possible to have different passwords for different services. I thought setting a password with the telnet command "passwd", is all the passwords there is to set to gain access to WEBIf (if the authentication is set there), telnet, ftp and ssh. Are there additional setup for setting different passwords for different accounts?

[SpaceRat]

Telnet doesn't belong opened to the internet, no matter what.
For ssh don't use passwords at all, use pub/private key auth (asymetric crypto) instead and disable password use entirely.

OpenWebif allows you to "disallow root logins" (So that OWIF can not be abused to probe the password for root), you will have to use any other linux user's but root's login/password then.
It's not a big security gain though.
It's basically only good enough if you want to access the Webif locally without your son spying the password, so that he can telnet to the box afterwards, finding out the pin for your pr0n channels.

FTP will also work with any Linux user you create, but in most cases you will end up with using user root, because the only thing you actually need FTP for is moronic E2 tools for Bouquet creation.
For secure file access use SSH's sftp-server or scp (Secure CoPy) instead.

[littlesat]

Telnet doesn't belong opened to the internet, no matter what.

For ssh don't use passwords at all, use pub/private key auth (asymetric crypto) instead and disable password use entirely.

+1

Edited by littlesat, 8 December 2016 - 16:58.

[kermith]

Telnet doesn't belong opened to the internet, no matter what.
For ssh don't use passwords at all, use pub/private key auth (asymetric crypto) instead and disable password use entirely.

OpenWebif allows you to "disallow root logins" (So that OWIF can not be abused to probe the password for root), you will have to use any other linux user's but root's login/password then.
It's not a big security gain though.
It's basically only good enough if you want to access the Webif locally without your son spying the password, so that he can telnet to the box afterwards, finding out the pin for your pr0n channels.

FTP will also work with any Linux user you create, but in most cases you will end up with using user root, because the only thing you actually need FTP for is moronic E2 tools for Bouquet creation.
For secure file access use SSH's sftp-server or scp (Secure CoPy) instead.

 

Man, that is a great post! Thanks all for sharing your knowledge, which is priceless! 

[Pedro_Newbie]

Let's hope that your provider isn't going to block your card/subscription because it is on a share network

[kermith]

True, but how could a provider check if it's on a shared network.

I use it in my house and stream to my country house.

[Robinson]

Damn, I will have to quicken my safe setup.

There was another trespass in my Vu+ last night.

What does netstat show?

[MiLo]

OK, but if I don't want to use Autobackup?
Let's say I want to make sure my box will be completely fresh after re-flash without any possible litter?
What files/folders should I copy before re-flash and restore afterwards?

I'd say just read the source code of autobackup. That'll tell you everything.

[SpaceRat]

[kermith]

Hehe

[kermith]

 

Damn, I will have to quicken my safe setup.

There was another trespass in my Vu+ last night.

What does netstat show?

 

 

Netstat where?

[Robinson]

Netstat is a telnet command.

[kermith]

So what should I do?

[SpaceRat]

If you believe that you currently got visitors on your box, you can execute

netstat -t

on the shell (Via telnet or ssh).

You can then see the active connections, one will be your own telnet/ssh connection, about the others you will have to see yourself:

root@duo2 ~ # netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 Duo2.lan:35361          debian.lan:12000        ESTABLISHED
tcp        0      0 Duo2.lan:ssh            pc.lan:64292            ESTABLISHED

Left side is your box, right side the peer(s) connected.

In this case everything is just fine, the only two connections are
- my PC being connected via ssh
and
- the box being connected to my central oscam server.