I bought a Turris Omnia in order to learn a little bit more about networks (I have very little knowledge beyond a basic understanding of how TCP/IP works; I mean I know what a VLAN is and the commands to set up a basic one, but that’s basically all).
I have a little bit more knowledge about Linux system administration, but not at a high level either. I was introduced to OpenWRT a few years ago but don’t remember a thing (except that it’s Linux and it’s good).
Problem is, after unboxing my Turris, I plugged it into the net and left it for a few days before I had time to read the doc, and it’s then (so, after a few days) that I learned that the Turris comes with a standard factory password, not one that is unique.
So after a few days on the net with a factory password, it’s quite a safe bet to consider it compromised.
For something that is as crucial for security as the router itself, I should really nuke it from orbit, it’s the only way to be sure.
But since the Turris is quite costly (not saying that it’s not worth it, just that I’d prefer not to throw away something of this price) and a nuke probably even more (not even counting the cost of putting it in orbit), I’d like to try another approach.
So what should I do to be sure of getting rid of the worst compromise that could have happened?
And how should I do it ?