LinuxQuestions.org
Old 12-29-2015, 02:07 PM   #1
akiras rain
Member
 
Registered: Dec 2015
Location: philadelphia usa
Distribution: peppermint.lubuntu,puppy
Posts: 44

Rep: Reputation: Disabled
nmap scan on my linux dd wrt router finds a 512bit ssl key that is already public record.


ok so i did an nmap scan on my dd wrt router from inside the network.


here are the results of nmap.
""""""
issuer: commonname-newmedia-NET Gmbh
stateorprovincename= saxson/countryname=DE

public key type: rsa
public key bits: 512
signature algorithm: sha1withRSAEncryption
MD5 = shows the hash value
sha-1 = shows the hash value

ssl-known-key: found in little black box 0.1 -
http://code.google.com/p/littleblackbox


"""""""


ok so that ssl known key at the end is that something i should be worried about? i am concerned this ssl known key is what my router uses when i sign in with my password to it.


also ports 53,80 and 443 are visible from inside my network.


PLEASE note i am doing this scan from the INSIDE not the outside of my network.




thoughts anyone?
 
Old 12-29-2015, 03:49 PM   #2
fjennings
LQ Newbie
 
Registered: Oct 2015
Location: Phoenix, AZ
Distribution: CentOS, Ubuntu, Debian, Oracle, Red Hat
Posts: 17

Rep: Reputation: 1
I wouldn't worry about it. You are correct, your SSL key for your router is known, so are millions of others. Not a big deal so long as logging in to your router from the OUTSIDE is prevented. From the inside, keep it tight by blocking the 80 and keeping the 443. I personally use MikroTik routers, and the only way to actually connect is through a specific physical port.

This is why I also don't let my wireless hang-out just for anyone to connect to (20 character randomized password), place my wireless on a restricted subnet, and prevent router management access to anyone who is on the wireless.

Again, not a big worry. Do your own due-diligence, and carry on.
 
Old 12-30-2015, 05:01 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by akiras rain
ok so that ssl known key at the end is that something i should be worried about? i am concerned this ssl known key is what my router uses when i sign in with my password to it.
First of all the fact the private key is in the littleblackbox repo of known private SSL keys is a Fact of Life where embedded devices are concerned. (Plus vendors can not be expected to be careful anyway but that's another discussion). Secondly obtaining the private key makes a MiTM possible but as long as you don't expose any remote management features that would confine this to your own LAN (and device security like custom admin password, separate vlans and ACLs should be thought of as "basic" anyway in this day and age and regardless of providing services in a DMZ or not, and especially when using heterogeneous environments, enabling BYOD or allowing otherwise untrusted clients), and this certificate is used only to provide an encrypted connection to the admin web interface of your router, so using it for any other purpose (public-facing or not) should be corrected immediately. Most importantly though, third: once resolved (see this and this) there is no issue to "worry" about any more...


So well done for running the scan in the first place, now understand the potential risks and then fix things. That actually allays fears.

Last edited by unSpawn; 12-30-2015 at 05:03 AM.
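
Added example, not part of any post in this thread: a small Python triage of nmap `ssl-cert` / `ssl-known-key` script output that flags the three things discussed above (short RSA key, SHA-1 signature, key listed in littleblackbox). The sample output is constructed in nmap's usual layout with a placeholder fingerprint; the 2048-bit threshold and the `audit` function name are assumptions.

```python
import re

# Constructed sample in the shape of nmap's ssl-cert / ssl-known-key script
# output. The fingerprint is a placeholder, not a real value.
SAMPLE = """\
443/tcp open  https
| ssl-cert: Subject: commonName=NewMedia-NET GmbH/stateOrProvinceName=Saxon/countryName=DE
| Public Key type: rsa
| Public Key bits: 512
| Signature Algorithm: sha1WithRSAEncryption
|_SHA-1: <placeholder fingerprint>
|_ssl-known-key: Found in Little Black Box 0.1 - http://code.google.com/p/littleblackbox
80/tcp open  http
"""

MIN_RSA_BITS = 2048  # assumed policy threshold; adjust to local policy

def audit(nmap_text):
    """Return {port: [findings]} for ports whose TLS script output shows a problem."""
    findings, port, key_type = {}, None, None
    for raw in nmap_text.splitlines():
        m = re.match(r"\s*(\d+)/(?:tcp|udp)\s+open", raw)
        if m:  # a new port section starts; reset per-certificate state
            port, key_type = int(m.group(1)), None
            continue
        line = raw.lstrip("|_ ").strip()  # drop nmap's script-output gutter
        low = line.lower()
        issue = None
        if low.startswith("public key type:"):
            key_type = low.split(":", 1)[1].strip()
        elif low.startswith("public key bits:"):
            bits = int(low.split(":", 1)[1])
            if key_type == "rsa" and bits < MIN_RSA_BITS:
                issue = f"weak RSA key ({bits} bits)"
        elif low.startswith("signature algorithm:"):
            alg = low.split(":", 1)[1].strip()
            if alg.startswith(("md5", "sha1")):  # deprecated for certificate signatures
                issue = f"deprecated signature hash ({alg})"
        elif low.startswith("ssl-known-key:"):
            # The private key is public, so the certificate authenticates nothing.
            issue = "private key is published: " + line.split(":", 1)[1].strip()
        if issue and port is not None:
            findings.setdefault(port, []).append(issue)
    return findings

if __name__ == "__main__":
    for p, issues in audit(SAMPLE).items():
        print(p, issues)
```

Lines that appear before any `NNN/tcp open` header are ignored, so feed it the full scan output rather than an excerpt.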
 
Old 12-30-2015, 11:22 AM   #4
akiras rain
Member
 
Registered: Dec 2015
Location: philadelphia usa
Distribution: peppermint.lubuntu,puppy
Posts: 44

Original Poster
Rep: Reputation: Disabled
abbreviations just making sure i got them and other

acl = access control list?
byod = bring your own device??

i have remote administration all turned off.
i have access point isolation and all clients on the network are isolated from each other.

i really think it's time to just buy a newer router

and i do have a big password for the router 20+ characters

i tried to follow the dd wrt directions to separate the wireless LAN from the wired LAN via a VLAN setup but couldn't get it to take.

the router is the old standby wrtg54g 11 years old!






Quote:
Originally Posted by unSpawn
First of all the fact the private key is in the littleblackbox repo of known private SSL keys is a Fact of Life where embedded devices are concerned. (Plus vendors can not be expected to be careful anyway but that's another discussion). Secondly obtaining the private key makes a MiTM possible but as long as you don't expose any remote management features that would confine this to your own LAN (and device security like custom admin password, separate vlans and ACLs should be thought of as "basic" anyway in this day and age and regardless of providing services in a DMZ or not, and especially when using heterogeneous environments, enabling BYOD or allowing otherwise untrusted clients), and this certificate is used only to provide an encrypted connection to the admin web interface of your router, so using it for any other purpose (public-facing or not) should be corrected immediately. Most importantly though, third: once resolved (see this and this) there is no issue to "worry" about any more...


So well done for running the scan in the first place, now understand the potential risks and then fix things. That actually allays fears.
 
  


All times are GMT -5.