#2 SMC Barricade router Security hole

[Anonymous]

Your script works with SMC routers specifically the 7004ABR
Barricade and the 7004VBR only if you login before you run the
script, set the administrator timeout to zero and kill the
browser.  THIS CONFIGURATION IS UNACCEPTABLE! This
leaves the router config open on the linux box in question and
does not allow for a proper securing of the router.  ANY person
logging in on the linux box in question running the ipcheck script
with the open router login will have access to modify the router if
connected.  This is a major security hole.  

Your script in an ideal situation for both routers should do the
following:

1.  Log in to the router.
2.  switch to the status.HTM page on the router
3.  Read the IP address
4.  Log out of the router.

This should occur with an administrator login timeout  of ten
minutes.

For your information I have worked with the ddclient package as
well. Interestingly the ddclient software has the same security
hole!  Please plug this security hole as soon as possible in your
script.

I am willing to test your script but am unable to write in
python.  I do not know python scripting.

galat@uakron.edu