Does Peplink use dnsmasq for either DNS or DHCP? I ask because it recently came to light that the software has 7 known flaws. I ran nmap UDP version detection on a 7.0.1 Surf SOHO
nmap -sU -p 53-53 -T4 -A -v [LANIP]
and got this
PORT STATE SERVICE VERSION
53/udp open domain ZyXEL P-660HW-D1 wireless ADSL router dnsd
|_dns-recursion: Recursion appears to be enabled
Hi Michael, how about temporarily enabling the CLi or ssh on the Pepwave and log in with your administrator username and password and running TOP to see?
Hi Michael, I’ve just updated to 7.02 last night and have run a similar NMAP scan with differing results:
PORT STATE SERVICE VERSION
53/udp open|filtered domain
MAC Address: 00:00:00:00:00:00 (PePWave)
Too many fingerprints match this host to give specific OS details
So the Pepwave is certainly disguising itself better but it doesn’t answer your question really, but I’d definitely
upgrade the firmware as a start
PORT STATE SERVICE VERSION
53/udp open domain ZyXEL P-660HW-D1 wireless ADSL router dnsd
|_dns-recursion: Recursion appears to be enabled
Or of course password length/spaces? You could always try the user account and simplify it’s password as a test.
Wouldn’t get you TOP at a root level but would let you know if password complexity is the issue
Also, just a thought; have you changed the ssh port you’ve set it to listen on? If you leave the Cli open it’s not
a bad idea to alter the ssh port from the stock 22 - at least an initial attempt by a hacker (pre any port scan
which you might detect) will suggest to the attacker ssh is not enabled.
God bless Tereza
Use ‘admin’ as the username (even if you have changed it in the webui) and your admin password. Just a note that it is a very restricted userspace when you access via SSH. You can only run allowed commands - guide here: http://download.peplink.com/manual/CLI%20SSH%20Guide.pdf
As to DNSmasq, the Peplink engineering team will reply to that question with authority shortly I’m sure, but unless the firmware has changed drastically since I left over a year ago they are not using DNSmasq.
@Michael234, the verification is taking us more time than we thought. We wanted to make sure the info provided is 100% accurate. We agree we could have done a better job and respond faster next time. Thanks.