Search found 89 matches

by throughwalls
Mon May 05, 2014 6:16 pm
Forum: News
Topic: Version 1.6.1 - Heartbleed Fix
Replies: 84
Views: 114862

Re: Version 1.6.1 - Heartbleed Fix

There seems to be a bug in wireless repater mode. If some client logs into gargoyle and not the repeated ssid, the gargoyle router and all behind it, is no more accessable until reboot. From logging in to fail it lasts ca. 10 sec. I have not seen anything like that on my wireless client + wireless ...
by throughwalls
Mon Apr 21, 2014 6:42 pm
Forum: News
Topic: Version 1.6.1 - Heartbleed Fix
Replies: 84
Views: 114862

Re: Version 1.6.1 - Heartbleed Fix

I have upgraded a TP-Link TL-WR740N/ND v7 to this version and so far it has been flawless in the basic functionality.

Have not been able to try the OpenVPN enhancements yet.
by throughwalls
Mon Apr 21, 2014 6:35 pm
Forum: General Discussion
Topic: dropbear 2013.58-1 security status?
Replies: 6
Views: 2774

Re: dropbear 2013.58-1 security status?

Both SSH and OpenVPN configuration take technical knowledge and sophistication to do right. Neither is for beginners, at least not if you want to keep the scanning hords out. Going back to the original question : Is the choice of this version of dropbear done by OpenWRT team, or by Gargoyle team? It...
by throughwalls
Sun Apr 20, 2014 7:00 pm
Forum: General Discussion
Topic: dropbear 2013.58-1 security status?
Replies: 6
Views: 2774

Re: dropbear 2013.58-1 security status?

OpenVPN is an option for large routers, but most have just 4MB of Flash. For those routers the safe option is using SSH (instead of SSL to the web GUI). You always have a risk with any internet services. OpenVPN had a problem because it uses OpenSSL. Dropbear likely has problems. The only way to avo...
by throughwalls
Sat Apr 19, 2014 7:01 pm
Forum: News
Topic: Version 1.6.1 - Heartbleed Fix
Replies: 84
Views: 114862

Re: Version 1.6.1 - Heartbleed Fix

If I read the Git commits correctly, this uses the latest 40423 version of AA?

Thank you for the good UI love to increase VPN control and transparency! I need to go and buy myself additional routers to play with.
by throughwalls
Fri Apr 18, 2014 5:16 am
Forum: General Discussion
Topic: openSSL heartbleed vulnerability
Replies: 13
Views: 11189

Re: openSSL heartbleed vulnerability

From m Hardening OpenVPN Security One of the often-repeated maxims of network security is that one should never place so much trust in a single security component that its failure causes a catastrophic security breach. OpenVPN provides several mechanisms to add additional security layers to hedge ag...
by throughwalls
Thu Apr 17, 2014 10:05 am
Forum: General Discussion
Topic: openSSL heartbleed vulnerability
Replies: 13
Views: 11189

Re: openSSL heartbleed vulnerability

m is an interesting update on OpenVPN leakage. One bright spot for some smaller organizations using OpenVPN is that the exploit won't work against systems that have TLS authentication enabled as long as all the end users connecting are trusted. That's because TLS authentication uses a separate priva...
by throughwalls
Tue Apr 15, 2014 11:07 am
Forum: General Discussion
Topic: openSSL heartbleed vulnerability
Replies: 13
Views: 11189

Re: openSSL heartbleed vulnerability

It would be great to figure out a work around which allows command line updating of the packages. I get the following error.

# opkg install libopenssl_1.0.1g-1_ar71xx.ipk
ERROR: Specified install destination is not writable, exiting


Is this because openssl is located in ROM?
by throughwalls
Tue Jan 21, 2014 11:07 am
Forum: News
Topic: Version 1.6.0
Replies: 90
Views: 126383

Re: Version 1.6.0

Fix display of incorrect key size of Blowfish Ciphers in OpenVPN client configuration Thank you for this. Was there any progress in either showing VPN status on the client router login screen, or in blocking WAN access except to the configured VPN server? If there have, I will go and buy another ro...
by throughwalls
Wed Dec 11, 2013 6:52 pm
Forum: General Discussion
Topic: Myspace / Facebook / Instant Messaging
Replies: 7
Views: 7529

Re: Myspace / Facebook / Instant Messaging

Can this not be done with dns? If one routs facebook.com to 192.168.1.1 this would even work for https. But I see gargoyle does not have this feature maybe it could be implemented in future version of gargoyle. You can force this for all users of the router by editing the /etc/hosts file manually. ...