Millions of routers vulnerable to web attack

Jos

Posts: 3,073   +97
An upcoming presentation at the Black Hat security conference later this month will reportedly demonstrate how millions of household routers, from popular brands such as Netgear, Linksys, and Belkin, suffer from a vulnerability that allows hackers to intercept and redirect traffic as well as access computers on a local network. The flaw was discovered by Maryland-based security consultancy Seismic and exploiting it involves an old a technique called DNS rebinding.

Read the whole story
 

JMMD

Posts: 840   +7
I've been seeing this info for a while but I have yet to see any router manufacturers respond. From my experience, they don't really keep up with firmware updates once the router is a few years old. Even current models haven't had regular updates.
 

jobeard

Posts: 13,832   +1,749
ALL routers are susceptible *IF* the admin password has been left in the default settings :(
 

Vrmithrax

Posts: 1,519   +552
From what I read elsewhere, DD-WRT is only really vulnerable in the case of hacked or guessed admin passwords. The recent builds don't seem to have the vulnerability that will let people get around the admin login.

And, quite honestly, if you have left the default password on your router, you've been asking to get hacked since day 1. It's basic security 101, change all of the defaults: router name (SSID), password, IP Address (if you can), etc.
 

jobeard

Posts: 13,832   +1,749
For obvious reasons, I'll not disclose the technical HOW-TO, but using the default login and
a trivial piece of web-client-side programming, it is possible to entirely reload even the firmware of 99% of the current routers available.

The issue is, as already said
if you have left the default password on your router, you've been asking to get hacked since day 1.
you're on the ragged edge with the default configuration.
 

treetops

Posts: 2,952   +736
Looks like my old routers on there but my new one is not, they all thought I was crazy to add my own password to my router, but whos laughing now?!!!?!!
 

Leeky

Posts: 3,357   +116
Do people really keep the default password on there router?!?

First thing I do is change the default password to a 16 digit hexadecimal one using a password generator. Second thing is to uncheck allow remote login, so you need to be physically connected by ethernet cable to even login with the correct details.

Then my SSID is changed, and a stupidly long hexadecimal password is used, with WPA PSK security. then my SSID is hidden, so it doesn't broadcast itself.

I also change the password every other month. At least if someone is trying to hack it it'll probably take long to brute force it than the password is live!

Then to top it all off, connections are granted by MAC address, so only computers in the whitelist can connect to the router.

Its an **** updating everything every other month, but I refuse to have anyone use my 50mb connection or have access to my files once in the router.

One thing I don't ever do is use the windows Automatic connection wizard thing by pressing the button on the side of my router... I did it once and 3 of my neighbours wireless computers connected to my network!

I'm using a D-Link DIR-615 with wwrt firmware... So I hope its safe or I'll be changing it!
 

jobeard

Posts: 13,832   +1,749
You're spot on - - be procative and take control :wave:
Do people really keep the default password on there router?!? !
sadly, yes especially non-wifi users as the devices require no configuration to become
accessible and the instructions do not suggest the need to change anything (but do users read them at all :sigh: )