I tested our LAN security using nmap on network 192.168.1.0/24. The program spit out a warning when it scanned the router:
.. open ssl/http Verizon FIOS Actiontec http config...SHA-1: 438 33c0 94f6 afc8....
... _ssl-known-key: Found in Little Black Box 0.1...https://code.google.com/p/littleblackbox...
I went to this website and this is what it says:
LittleBlackBox is a collection of thousands of private SSL and SSH keys extracted from various embedded devices. These private keys are stored in a database where they are correlated with their public certificates as well as the hardware/firmware that are known to use those private keys.
A command line utility is included to aid in the identification of devices or network traffic that use these known private keys. Given a public certificate, the utility will search the database to see if it has a corresponding private key; if so, the private key is displayed and can be used for traffic decryption or MITM attacks. Alternatively, it will also display a table of hardware and firmware that is known to use that private key.
The utility can obtain a public certificate several different ways:
- You may give it the path to a public SSL certificate file.
- You may give it the SHA1 hash of a public SSL/SSH certificate.
- Given a host, it will retrieve the host's public SSL certificate.
- Given a pcap file, it will parse the file looking for public SSL certificate exchanges.
- Given a live network interface, it will listen for public SSL certificate exchanges.
I clicked on FAQ, at https://code.google.com/p/littleblackbox/wiki/FAQ, and it says:
2. My router/VPN/printer/server/etc is listed in the LittleBlackBox database. What do I do?
If you have the ability to change the default SSL certificates, do so immediately. If this is not possible, then treat your HTTPS sessions as if they were un-secure HTTP sessions. It may also be possible to tunnel your connections through another service, such as SSH.
Is my SSL unsecure? How do I (Verizon) fix it?
that question might be better for actiontec tech support instead of Verizon, I am pretty sure you won't find anyone at Verizon that would be able to answer that question very easily if at all, so I would send that question over to actiontec
I am curious what their answer would be too, so I sent the same question to them, but they won't answer until monday or tuesday (their site says emails answered mon-fri) and they probably observe memorial day holiday, so tues or wed is when I Would expect to hear from them. .
I asked Actiontec for information and they said that it's not their fw, but Verizon's. They just make the hw.
That being said, will Verizon fix this issue?
Read my earlier statement. Essentially only effects the web pages YOU use to configure your router, and most don't even use a SSL interface to get to those pages.
However I wouldn't be surprised that the OPENSSL patches would be included in some future update of the router. Verizon, like most others, reviewed all their software to see wher the OPENSSL code was used and might need to be patched, the high priority things being the WEB Pages for their sites, and boxes that control their network.
The ciphers in this software are also weak. RC4 should be removed and strong 256-bit ciphers should be added. There hasn't been a software update for over a year, despite the major openSSL bugs reported last year. It's hard to believe that anyone at Verizon is tasked with keeping these modems secure.