Maxim Konovalov <maxim_at_macomnet.ru> writes: > On Fri, 25 Jul 2003, 13:22-0400, Robert Watson wrote: > > > > > Yeah, seems like an oxy-moron, but this is a legitimate question, I > > promise. My linksys wireless router requires me to disable the admin > > password on it to tftp a firmware update to it--however, the Windows tftp > > client that Linksys ships appear to support some form of "Oh yeah, and > > here's a password". It probably really doesn't make a difference > > security-wise, but it would be a lot more convenient to update wireless > > routers if our tftp client spoke whatever extension they use to carry the > > password. Does anyone know anything about that protocol extension, or if > > there are existing tweaks to add it to our tftp? (I saw nothing in the > > man page). If there's a pointer to the on-the-write bits, I can always > > stick it in myself, but I have yet to find one. > > There are several tftp extension that NetBSD folk integrated to their > tftpd/tftp recently. IIRC they were > > 2347 TFTP Option Extension. G. Malkin, A. Harkin. May 1998. (Format: > 2348 TFTP Blocksize Option. G. Malkin, A. Harkin. May 1998. (Format: > 2349 TFTP Timeout Interval and Transfer Size Options. G. Malkin, A. > > I know nothing about auth extension yet but the protocol is quite > simple (trivial :-)) and if you get a dump of udp session between the > router and windows tftp client it would be easy incorporate this one. Just to explain further what Maxim is pointing out here: the authentication option, whatever it is, is *not* a standard, unlike the ones he listed.Received on Fri Jul 25 2003 - 11:20:46 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:16 UTC