Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
This may sound lika strange question - but ....
I have this recollection of being able to manipulate the DNS-323 from the browser without authentication - for example ....
This <http://DNS-323 IP/goform/sysShutDown> which comes from here used to just shut down my DNS-323, but now it seems to be asking me to authenticate - I'm running fw1.05 and can't recall which firmware I was running when I tried it before - so ...
Is this the result of fw 1.05 or some other sort of change - hot fix in Windows - or am I just having a senior moment?
Offline
After a little more fiddling I think found the answer to my question.
It seems that I can only reach that webpage if the system I am on has been authenticated to the DNS-323 sometime prior to my using the link - I cannot use that link to shutdown the DNS-323 if I have not accessed the admin web page previously from the same system.
Maybe it's not so insecure after all.
I wonder how many more of the perceived insecurities also have this prior authentication "requirement".
Offline
the website has the 10 minute timeout. so after you log in for the first time, you can browse through web interface pages without being asked for a password each time. after that timeout, it'll ask you for a password again.
nevertheless, some of the pages and functions are not secure (accessible without the authentication). you can find which ones by going through goahead web server source code from d-link gpl pack.
Offline
Actually - I might have phrased the subject incorrectly when I posted the question - it was not the security that I was interested in, but I needed to understand why a shutdown command that I had been pointed to previously and which had worked for me, suddenly (at least to my way of thought) no longer did.
Offline