Open dl1com opened 4 years ago
Should be improved with current buildroot version from GIT: https://github.com/analogdevicesinc/plutosdr-fw/issues/48
Upgrading to plutosdr-fw 0.32 could close the issue: https://github.com/analogdevicesinc/plutosdr-fw/releases/tag/v0.32
The develop branch now works with plutosdr-fw v0.32, so I finally had the time to try this out. Works flawlessly!
# device_format_jffs2
# device_persistent_keys
# device_passwd
The entered password remains after power-cycling the Pluto.
A next security issue could be the iiod daemon. By default it seems to be enabled at any network interface. Any HNAP client is able change transceiver settings of a basestation when accessing iiod via the TAP device.
iiod binds to tcp port 30431.
Another open port is for the iperf3 server (5201), this is not an issue. The device is furthermore accessible via port 80 / www, but I do not see any security issue here.
# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:www 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5201 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:30431 0.0.0.0:* LISTEN
tcp 0 0 192.168.4.1:ssh 192.168.4.10:39370 ESTABLISHED
netstat: /proc/net/tcp6: No such file or directory
udp 0 0 0.0.0.0:44860 0.0.0.0:*
udp 0 0 0.0.0.0:bootps 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
device_persistent_keys
anddevice_passwd