I have access to my DNS-323 via SSH login and would like to tighten up security on the device by shutting down the normal DNS-323 webs interface. If I need to reconfigure the device, I'd like to then be able to restart the webs interface from my SSH session and then shut it down again when I'm through.
Anyone have any ideas? I can kill the webs services, but they just seem to restart themselves after awhile.
Thanks in advance for any tips.
Offline
Well, another way is to close port 80 to your DNS-323. That way nobody will be able to access this web server. When you want to use it, open port 80 again. An even better method is to use port forwarding: create a port like 12345 that forwards to port 80 on your DNS-323. That way only you know the port number and are able to access it.
Most basic modems/routers are able to do this.
Offline
Easy, just kill the /web/webs program. If you want it on again, just start it. You could even write a simple script to do this and have a start / stop command after it.
EDIT - Note: Don't forget to chroot it when you want to start it up, or it will stop as soon as you close your telnet session.
chroot / /web/webs
Last edited by bq041 (2008-05-19 23:55:39)
Offline
For clarification, I want to disable the DNS-323 webs http server on my internal network (i.e. inside my router/firewall). So, manipulation of my router and port forwarding won't solve my problem.
Also, it seems that every time I stop the /webs/webs service it restarts itself within a few minutes. Is there a special way to shut down this service so it won't restart itself? I read somewhere else in the forum that D-Link may have some kind of "watchdog" service looking to see if the /webs/webs service is running and if not it starts it again.
Offline
jayas had done something like this in an attempt to improve security in a school environment. Maybe he could shed some light.
http://dns323.kood.org/forum/t1524-Auto … -sort.html
Offline
I think? the /usr/sbin/chkbutton process is responsible for being the web server (webs) watchdog
/ # strings /usr/sbin/chkbutton | grep webs
kill -9 `pidof webs`
touch /tmp/webs-reload
/web/webs&
ps | grep /web/webs > /tmp/web_chk
webs re-execute
/web/webs &
Offline
Another possible solution from jayas:
"If you do a "ls -l /web", you will see that /web/web and /web/webs are links to respective files in crfs. You can use fun_plug to link these to something else, say /tmp so that after you kill webs, even if it gets restarted, it will not find it."
Offline
The web interface on this device should be rewritten from scratch. It's just so insecure.
I would recommend everyone to turn this off and turn it on just when needed...
Offline
I think we've known for awhile that the web interface is insecure - however, and I know that not everyone agrees with me - given the intended SOHO usage of the device, I don't see it as being such a problem.
Offline
So what's the final solution for totally killing webs? I've searched the forum and found some solutions, but don't know which works correctly. I need to totally kill the webs process, with the option to sometimes enable it.
Offline
#!/ffp/bin/sh

# PROVIDE: kickwebs
# REQUIRE: LOGIN

#if [ -z ${MAIL} ]; then
#    #setup the ENV variables if not found
#    #this can happen when running from crontab
#    echo "Environment variables not found, including fun_plug defaults."
#    . /ffp/etc/profile
#fi

. /ffp/etc/ffp.subr

name="kickwebs"
start_cmd="kickwebs_start"
#stop_cmd="kickwebs_stop"
status_cmd="kickwebs_status"

original_link=/sys/crfs/web/webs
new_link=/dev/null

kickwebs_start()
{
    echo -n "Kicking webs ..."
    killall webs
    ln -sf $new_link /web/webs
    echo "done."
}

kickwebs_stop()
{
    if [ `kickwebs_temp_status` = "running" ]; then
        echo "INFO: webs already running! Nothing to do."
        exit 1
    fi
    echo -n "Starting webs ..."
    ln -sf $original_link /web/webs
    #/web/webs&
    echo "done."
}

kickwebs_status()
{
    if [ -n "$(pidof webs)" ]; then
        echo "webs running."
    else
        echo "webs stopped."
    fi
}

kickwebs_temp_status()
{
    if [ -n "$(pidof webs)" ]; then
        echo "running"
    else
        echo "stopped"
    fi
}

case "$2" in
    webs)
        if [ "$1" == "stop" ]; then
            kickwebs_stop
        fi
        ;;
    *)
        run_rc_command "$1"
        ;;
esac
# ./kickwebs start
will kill webs and it will not run again
# ./kickwebs stop
will run webs again
Having this script +x in the /ffp/start directory will kick webs on every boot.
Last edited by SilentException (2008-12-04 21:42:04)
Offline
Hello,
Thank you for super nice script. I didn't mention that I want to kill webs (config interface of DNS323), but not to kill lighttpd. So I added one line:
SilentException wrote:
Code:
#!/ffp/bin/sh
# PROVIDE: kickwebs
# REQUIRE: LOGIN
# BEFORE: lighttpd
  ^^^^^^^^^^^^^^
........
and it seems like everything is working just fine. Thank you very very much !
alpha
Offline
SilentException wrote:
Code:
#!/ffp/bin/sh
kickwebs_start()
{
    echo -n "Kicking webs ..."
    killall webs
    ln -sf $new_link /web/webs
    echo "done."
}
Would it be better to create the link *before* killing the webs processes to avoid the (theoretical?) race condition of the dns-323 restarting webs before you make the null link?
Offline
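The ordering raised in the post above (repoint the link first, then kill the running process), as an added example that is not any poster's script. `WEB_ROOT`, `STATE_FILE` and the function names are assumptions introduced here; `/web/webs`, `/sys/crfs/web/webs` and the `/dev/null` link target come from the thread.

```shell
#!/bin/sh
# Added example, not the thread's script. WEB_ROOT and STATE_FILE are
# assumptions that let the logic run against a scratch directory first.
WEB_ROOT="${WEB_ROOT:-/web}"
STATE_FILE="${STATE_FILE:-/tmp/webs.orig}"   # hypothetical path
FALLBACK_TARGET=/sys/crfs/web/webs           # original_link in the posted script

webs_state() {
    # "disabled" when the link points at /dev/null, otherwise "enabled"
    if [ "$(readlink "$WEB_ROOT/webs")" = /dev/null ]; then
        echo disabled
    else
        echo enabled
    fi
}

webs_disable() {
    # Idempotent: a second run must not save /dev/null as the "original"
    if [ "$(webs_state)" = disabled ]; then return 0; fi
    # Record the real target; refuse to touch anything that is not a symlink
    readlink "$WEB_ROOT/webs" > "$STATE_FILE" || {
        echo "$WEB_ROOT/webs is not a symlink" >&2; return 1; }
    # Repoint first, so a watchdog respawn has nothing to execute ...
    ln -sf /dev/null "$WEB_ROOT/webs" || return 1
    # ... then stop the instance that is already running
    killall webs 2>/dev/null || true
}

webs_enable() {
    if [ "$(webs_state)" = enabled ]; then return 0; fi
    target=$FALLBACK_TARGET
    if [ -s "$STATE_FILE" ]; then target=$(cat "$STATE_FILE"); fi
    # Only the link is restored; starting webs again is left to the
    # watchdog or to a manual start, as discussed in the thread
    ln -sf "$target" "$WEB_ROOT/webs"
}

case "${1:-}" in
    disable) webs_disable ;;
    enable)  webs_enable ;;
    status)  webs_state ;;
esac
```

Pointing `WEB_ROOT` at a scratch directory containing a test symlink lets you check the disable/enable round trip before running it on the device.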
alpha wrote:
Hello,
Thank you for super nice script. I didn't mention that I want to kill webs (config interface of DNS323), but not to kill lighttpd. So I added one line:
SilentException wrote:
Code:
#!/ffp/bin/sh
# PROVIDE: kickwebs
# REQUIRE: LOGIN
# BEFORE: lighttpd
  ^^^^^^^^^^^^^^
........
and it seems like everything is working just fine. Thank you very very much !
alpha
I'm not sure I understand why this has to happen before lighttpd. Do you need to kill webs before lighttpd starts because of a port or resource conflict?
Offline
Hello,
puterboy wrote:
I'm not sure I understand why this has to happen before lighttpd. Do you need to kill webs before lighttpd starts because of a port or resource conflict?
I kill webs before lighttpd just because lighttpd won't start after this script. You need to manually start lighttpd OR write a line that starts lighttpd in this script. If I run this script without the "#BEFORE lighttpd" directive, no lighttpd server is started automatically.
Regards,
alpha
Offline
OK. But not clear to me why that is the case though.
Offline