A customer has a dedicated Internet connection for their point of sale debit machine. In order to pass PCI compliance they they have to have their network scanned by a third party. https://www.pcicomplianceguide.org/faq/ . It's basically a NESSUS scan. The AIRSTATION_HIGHPOWER_N300_DD-WRT with the most recent firmware failed that test. From the report...
The remote host seems to generate Initial Sequence Numbers (ISN) in a weak
manner which seems to solely depend on the source and dest port of the TCP
packets.
http://seclists.org/bugtraq/2002/Aug/60
http://securityresponse.symantec.com/avcenter/security/Content/2002.08.05.html
This is a bug that goes way back to 2002 that should have been patched with kernel V 2.4. Any suggestions or alternative FW that we could try? I did download the latest DD-WRT FW but it would not load from the web interface and I don't wish to brick the unit.
Browser ID: smf
(is_webkit)
Templates: 1:
Printpage (default).
Sub templates: 4:
init,
print_above,
main,
print_below.
Language files: 1:
index+Modifications.english (default).
Style sheets: 0:
.
Hooks called: 49 (
showintegrate_autoload, integrate_pre_load, integrate_load_session, integrate_verify_user, integrate_pre_load_theme, integrate_user_info, integrate_load_board, integrate_board_info, integrate_allowed_to_general, integrate_allowed_to_general, integrate_boards_allowed_to, integrate_mod_cache, integrate_pre_load_theme, integrate_allowed_to_general, integrate_simple_actions, integrate_allowed_to_general, integrate_load_theme, integrate_pre_log_stats, integrate_actions, integrate_word_censor, integrate_word_censor, integrate_pre_parsebbc, integrate_bbc_codes, integrate_bbc_print, integrate_post_parsebbc, integrate_pre_parsebbc, integrate_smileys, integrate_smileys, integrate_post_parsebbc, integrate_pre_parsebbc, integrate_smileys, integrate_smileys, integrate_post_parsebbc, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general, integrate_menu_buttons, integrate_current_action, integrate_theme_context, integrate_allowed_to_general, integrate_allowed_to_general, integrate_allowed_to_general)
Files included: 27 - 1055KB. (
show./index.php, ./Settings.php, (Cache)/db_last_error.php, (Sources)/QueryString.php, (Sources)/Subs.php, (Sources)/Subs-Auth.php, (Sources)/Errors.php, (Sources)/Load.php, (Sources)/Security.php, (Sources)/Subs-Compat.php, (Sources)/Subs-Db-mysql.php, (Sources)/Cache/CacheApi.php, (Sources)/Cache/CacheApiInterface.php, (Sources)/StopForumSpam.php, (Sources)/Subs-Charset.php, (Sources)/Unicode/Metadata.php, (Sources)/Unicode/QuickCheck.php, (Sources)/Session.php, (Sources)/Logging.php, (Sources)/Class-BrowserDetect.php, (Sources)/Unicode/RegularExpressions.php, (Sources)/Unicode/CaseUpper.php, (Sources)/Unicode/CaseTitle.php, (Current Theme)/languages/index.english.php, (Current Theme)/languages/Modifications.english.php, (Sources)/Printpage.php, (Current Theme)/Printpage.template.php)
Memory used: 719KB.
Tokens:
post-login.
Queries used: 14.
[Show Queries]