What's new

[Release] Asuswrt-Merlin 380.66 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Fixing bugs won't make a fortune for them, but maybe it can prevent them from losing money, so that's an option not an obligation.

It's actually an obligation. Security got them into legal troubles last year, and they have mandatory security audits to perform on their code, in addition to the need for an established vulnerability management plan.

This is still irrelevant, since as I said, the Samba version they use is NOT vulnerable.
 
Hello Merlin,

Since the update and a full reset i'm getting error in the log that I never received before, maybe you can help me

May 22 03:56:53 dropbear[16649]: Login attempt for nonexistent user from 37.200.66.166:41789
May 22 04:03:00 dropbear[17676]: Login attempt for nonexistent user from 37.200.66.166:60245
May 22 04:09:04 dropbear[18695]: Login attempt for nonexistent user from 37.200.66.166:51041
May 22 04:15:11 dropbear[19712]: Login attempt for nonexistent user from 37.200.66.166:51409
May 22 04:17:16 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:16 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:17 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:18 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:18 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:19 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:19 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:20 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:20 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:17:21 dropbear[20132]: Login attempt for nonexistent user from 111.198.66.132:43662
May 22 04:18:04 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:04 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:05 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:05 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:06 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:07 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:07 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:08 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:09 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:18:09 dropbear[20225]: Login attempt for nonexistent user from 180.128.21.46:50540
May 22 04:21:15 dropbear[20819]: Login attempt for nonexistent user from 37.200.66.166:54690
May 22 04:27:21 dropbear[21915]: Login attempt for nonexistent user from 37.200.66.166:35219
May 22 04:32:29 dropbear[22766]: Login attempt for nonexistent user from 103.244.254.131:57785
May 22 04:32:31 dropbear[22768]: Login attempt for nonexistent user from 103.244.254.131:59920
May 22 04:32:33 dropbear[22769]: Login attempt for nonexistent user from 103.244.254.131:60774
May 22 04:33:52 dropbear[23020]: Login attempt for nonexistent user from 37.200.66.166:44593
May 22 04:33:53 dropbear[23020]: Login attempt for nonexistent user from 37.200.66.166:44593
May 22 04:40:31 dropbear[24127]: Login attempt for nonexistent user from 37.200.66.166:47406
May 22 04:41:59 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:41:59 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:00 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:00 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:01 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:01 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:02 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:02 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:02 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:42:03 dropbear[24382]: Login attempt for nonexistent user from 128.204.32.15:33988
May 22 04:46:37 dropbear[25154]: Login attempt for nonexistent user from 37.200.66.166:34091

Thanks alot for your help
 
Last edited:
You should enable the auto banning for SSH, sadly I am not at home, so I can't search where that feature is hidden in the gui! Perhaps someone can answer you that question faster, otherwise I will do that later ;)
 
Since the update and a full reset i'm getting error in the log that I never received before, maybe you can help me

Do you absolutely need SSH access over the Internet? If not, disable it, and limit it to your LAN.
 
I'm upgrading through the router's setup page. No error message. The upload completes, but once the page refreshes, it still shows that I'm using the older 376.47 firmware (merlin build). I even tried resetting to factory defaults.

I found this on the wiki:
"The RT-AC68U and RT-AC56U need to be at least on firmware 378.55 (or the last 378.xxx version from Asus) before you can flash 380.xx, due to the partition size change."

So I tried installing various 378.xxx files from Asus.com -- but no matter which one I select, I'm still stuck on 376.47.
 
Here:
yKwfs8W.png
 
So I tried installing various 378.xxx files from Asus.com -- but no matter which one I select, I'm still stuck on 376.47
Try with these steps:
Remove usb devices hooked,reboot, flash with 378.55 ....reconfig minimal and flash with the latest, factory default and reconfig from scratch.
Still not working?, use this tool and method to flash with 378.55 and latest after
https://www.asus.com/support/FAQ/1030652/
 
Last edited:
Try with these steps:
Remove usb devices hooked,reboot, flash with 378.55 ....reconfig minimal and flash with the latest, factory default and reconfig from scratch.
Still not working?, use this tool and method to flash with 378.55 and latest after
https://www.asus.com/support/FAQ/1030652/

Problem solved. I had to install 378.55 merlin build instead of something from Asus.com. That worked, then I was able to install latest merlin.
 
This post is FYI evidence only - not sure if there is problem with my PC or RT-AC68U

There seems to be time gaps in the log ...

Installed 380.66 about 10-12 days ago, and it has been running just fine from user's point of view.
However, there are gaps in the log history

I have also seen gaps in the log file, after power cycling the router.

I always assumed that the last few log file entries are in RAM, and so are lost when the router loses power, but I don't know if this assumption is correct.

In my case, this affects an RT-AC66U with the very old 378.56_2, so the 'gaps issue' might not be anything new.
 
I just updated a remote RT-N66U to the latest 380.66_4 but after the process I was asked for a manual reboot. I guess I am out of luck now, since I can only physically access that location in about 8 weeks of time. Or is there any hope left?

(I have done this kind of remote upgrade a few times in the past - SSH to the router, access web interface via port forwarding - never was I asked for a manual reboot)
 
I just updated a remote RT-N66U to the latest 380.66_4 but after the process I was asked for a manual reboot. I guess I am out of luck now, since I can only physically access that location in about 8 weeks of time. Or is there any hope left?

(I have done this kind of remote upgrade a few times in the past - SSH to the router, access web interface via port forwarding - never was I asked for a manual reboot)

Often you'll be asked to reboot. Should be able to just access the web interface again and click the reboot button or just issue reboot from the command line.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top