Router hacked via iptraf in promiscuous mode

[dugaduga]

I had installed iptraf via entware just to mess around a bit with monitoring... after enabling promiscuous mode, I was seeing packets flying around from the local neighborhood/node... soon browsing became largely unresponsive, and the router logs were showing some strange activity; eventually all activity was broken, including dropbear. Could not even log into the router. Had to hard-reboot the router and everything went back to normal; had read later that promiscuous mode can present security threats to wan facing gear (presumably with inadequate permissions security) Lesson learned!

 

[dugaduga]

I guess this is why wireshark warns users and requires a few extra steps to enable analyzation securely under linux.

 

[ColinTaylor]

So nothing to do with hacking then.

 

[dugaduga]

@ColinTaylor, Well I presumed it did after reading this anyway and noting all the vulnerabilities constantly patched within wiresharks passive packet sniffing software, cause I had never experienced such a hang before; though for all I know the software may have simply hung the router.

"Enabling promiscuous mode could spell doom for your virtual network security, especially if inexperienced IT pros are at the helm. So take caution." https://searchservervirtualization....iscuous-mode-affects-virtual-network-security