Just a little clarification regarding the article  recently posted on /. about a stealth router-based botnet :
- OpenWrt blocks any open port from the WAN side by default ;
- OpenWrt does not provide a "default" password ;
- Any device with weak passwords that can run the binary is vulnerable ;
- As far as we know, there is no core vulnerability in OpenWrt requiring a security fix.
If you opened SSH on the WAN port, ensure you use a strong password for your "root" account, or disable password authentication and rely on key based authentication.
The OpenWrt team
(Last edited by nbd on 6 Apr 2009, 00:26)