dj1an
commented
4 years ago Should be improved with current buildroot version from GIT: https://github.com/analogdevicesinc/plutosdr-fw/issues/48
Open dl1com opened 4 years ago
dj1an
commented
4 years ago Should be improved with current buildroot version from GIT: https://github.com/analogdevicesinc/plutosdr-fw/issues/48
dg8ngn
commented
4 years ago Upgrading to plutosdr-fw 0.32 could close the issue: https://github.com/analogdevicesinc/plutosdr-fw/releases/tag/v0.32
lukasostendorf
commented
4 years ago The develop branch now works with plutosdr-fw v0.32, so I finally had the time to try this out. Works flawlessly!
# device_format_jffs2
# device_persistent_keys
# device_passwd The entered password remains after power-cycling the Pluto.
A next security issue could be the iiod daemon. By default it seems to be enabled at any network interface. Any HNAP client is able change transceiver settings of a basestation when accessing iiod via the TAP device.
iiod binds to tcp port 30431.
Another open port is for the iperf3 server (5201), this is not an issue. The device is furthermore accessible via port 80 / www, but I do not see any security issue here.
# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:www 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5201 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:30431 0.0.0.0:* LISTEN
tcp 0 0 192.168.4.1:ssh 192.168.4.10:39370 ESTABLISHED
netstat: /proc/net/tcp6: No such file or directory
udp 0 0 0.0.0.0:44860 0.0.0.0:*
udp 0 0 0.0.0.0:bootps 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
device_persistent_keysanddevice_passwd