Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

While they sit there, oblivious to the fact that that router thing we use for the interwebs and all those IP cameras, NAS devices, and switches in their office are running linux, and bash, and are about to be used for industrial-grade extortion.


It's unlikely many consumer routers would be running Bash. They'd more likely have Busybox with the bog standard Bourne Shell. And same goes for most other embedded Linux devices too.

Though I'm not suggesting that one shouldn't check their own devices to be safe rather than sure.


And how would one go about checking a typical Netgear home wireless router? The only way to manage it is http://192.168.1.1 right?

Or do they typically also offer some kind of shell (telnet? ssh?) access?


Some Netgears do offer telnet, though you often need to enable it via a "magic packet" hack. If you Google your router model number and "telnet" then there should be more information on whether your product supports this and how to go about enabling.


And "indusrial" routers are not running bash, or linux for that matter, either.


Depends on the router. Cisco is famously runs IOS, which I believe is based on BSD (FreeBSD 2.2 specifically). Barracuda gear, however, is Linux based.

However in all cases, I think you'd still be right about Bash not being present.


Cisco is a big place. The Nexus series is Linux-based.


IOS-XE and XR are linux boxes, as are the nexus. Arista is linux based, Juniper is FreeBSD and Force10 is NetBSD (at least the older one were). Many devices in the class of enterprise or service provider grade are not going to be obtaining their addresses via DHCP and have a heavily modified version of the OS, anyway. In addition, best practices should be used in armoring the devices in this class, meaning filtering of the control plane, etc.


IOS is completely home rolled. IOS-XR is now Linux based.


IOS XR used to be QNX though, if I'm not mistaken?

I hadn't heard of these other Cisco products until yesterday, but from what I read IOS XE and NX OS also run on Linux.

Anyhow, getting back to my original point about FreeBSD, there's a few sources that have linked IOS to FreeBSD. But after doing some digging of my own on this topic, I've come to the conclusion that this is one of those urban legends that's proliferated for whatever reason. So it would seem that you're right about IOS being home rolled. Interestingly though, they do have other products which are FreeBSD powered (eg AsyncOS http://www.cisco.com/c/en/us/products/security/email-securit...) but, as you said, not IOS




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: