Firewall issues

[Xponder1]

And you leave the SPI firewall on?

I've had no trouble with the router for anything else, just an intermittent registration issue in the last couple days while the firewall is on.

Yes I leave it on.

[Xponder1]

I think the newest release was to address an exploit that would give hackers full control of the router. I saw a news release about it yesterday.

DD-WRT httpd vulnerability (milw0rm.com report)

As reported at www.miw0rm.com there is a vulnerability in the http-server for the DD-WRT management GUI that can be used for execution of an exploit to gain control over the router.

Note: The exploit can only be used directly from outside your network over the internet if you have enabled remote Web GUI management in the Administration tab. As immediate action please disable the remote Web GUI management. But that limitation could be easily overridden by a Cross-Site Request Forgery (CSFR) where a malicious website could inject the exploit from inside the browser.

We have fixed the issue and generated new builds of the latest DD-WRT version. You can temporarily download the these files from here until we did update the router database.
[UPDATE] We have integrated most of the fixed build files into the router database. You can check there if files for build 12533 are available for your router. If not (yet) please check the location mentioned above to obtain the files.

The exploit can also be stopped, using a firewall rule: Go to your router's admin interface to > Administration > Commands and enter the following text:

Edit- Figures they would have a exploit when I stop going and reading their site weekly.

[olaf]

I asked the OP about version, because I have SPI on with no issues whatsoever. One key difference, though, is that as a former beta tester, I'm able (and choosing) to connect with my own equipment (PBX-in-a-Flash), not a Voipo-supplied ATA. My DD-wrt version is shown below:

Code:

Router Model         Asus WL-520GU/GC
Firmware Version     DD-WRT v24-sp2 (06/09/09) mini-usb - build 12268M NEWD Eko

I don't know as if the hardware would make a difference, but what brand and model router are you running?

I am using the same router you are, Asus WL-520gU (I haven't put mini-usb on it since I haven't had a need to use the USB port).

Regarding the DD-WRT security hole, if you don't want to upgrade just yet for some reason, it can also be addressed with a firewall rule, as seen on the DD-WRT homepage.

Thanks to those who have weighed in on this. I am leaning towards re-enabling the firewall and forwarding the necessary ports, but will have to do some testing for that.