What is a goform log?

584    Asked by ranjan_6399 in SQL Server , Asked on Jan 19, 2022
I Was setting up Wifi at home today and was appalled at the minimal security that the web server provides. Default username/password is Googleable and is admin admin When you do change passwords, your password change is restricted to less than 8 characters and no special characters. No limits on password attempts (Thus brute forcing) No CSRF tokens So I thought I would write a simple web-page that port forwards all traffic to the first ip allocated by default and it worked. Does this constitute an exploit? Would most OS firewalls be able to save a victim? Should I buy another router?
Answered by Ranjana Admin
Answer :
To know about the goform logs, you need to understand that ISP routers are notorious for having bad security. Home routers in general aren't that great security wise, but some of the better ones at least provide firmware updates that fix known flaws. They provide better security than their ISP counterparts, and usually have a much better feature set as well.

I would consider this an exploit. As such, you should consider where and how you post information about this - the best way to handle such things in my view is through responsible disclosure:

"Responsible disclosure is a computer security term describing a vulnerability disclosure model. It is like full disclosure, with the addition that all stakeholders agree to allow a period of time for the vulnerability to be patched before publishing the details."

(Wikipedia - you can read the rest here: http://en.wikipedia.org/wiki/Responsible_disclosure)

OS level firewalls won't mitigate these kinds of attacks.

Your Answer

Interviews

Parent Categories