Keeping your managed router up to date is essential for stability and security of it.
Modern routers often feature Linux or FreeBSD installations which can be made to your powerful enemies unless taken under control.
I've got in my hands a rather old Linksys WRT54GS v1.1 wireless router with some outdated OpenWRT installed on it. Here I'll show what I have learned about OpenWRT and flashing tricks while updating this router to the newer OpenWRT version.
A lot is going on now, 16th of October 2017, about the KRACK attack on WPA2. Links will follow. There was even a (misleading) claim by the president of the German Service for Information Security, Bundesamt für Sicherheit in der Informationstechnik - BSI, Arne Schönbohm, about this attack recommending to switch over to VPN to secure the connections.
In this article I want to clear one detail and potentially somewhat relax the horror this attack, and more of it – its press coverage, is posing on people now. The fact is - all TLS protected connection are still reasonably secure despite the attack! You can surf further without a problem if the sites you visit connect over HTTPS. And most of them do in fact!
Quaoar is not just an object in the Kuiper belt after the Canadian Hackfest 2016. It is a vulnerable machine on vulnhub.
There are many walkthroughs for this machine published. Still, I have decided to post a new one for two reasons. Many pentesters exploit wordpress in long way, whereas there is a quicker one, which is also more convenient, and, this guide contains also a part discussing securing such machine, which is also missing in many other reports, or is even described wrongly.