Millions of routers vulnerable to web attack

By Jos ยท 14 replies
Jul 21, 2010
Post New Reply
  1. An upcoming presentation at the Black Hat security conference later this month will reportedly demonstrate how millions of household routers, from popular brands such as Netgear, Linksys, and Belkin, suffer from a vulnerability that allows hackers to intercept and redirect traffic as well as access computers on a local network. The flaw was discovered by Maryland-based security consultancy Seismic and exploiting it involves an old a technique called DNS rebinding.

    Read the whole story
  2. posermobile89

    posermobile89 TS Rookie Posts: 72

    Does anybody if DD-WRT is vulnerable? I flashed my router with that awhile back...
  3. same boat here.
  4. Jos

    Jos TechSpot Staff Topic Starter Posts: 3,073   +97

  5. JMMD

    JMMD TechSpot Chancellor Posts: 854

    I've been seeing this info for a while but I have yet to see any router manufacturers respond. From my experience, they don't really keep up with firmware updates once the router is a few years old. Even current models haven't had regular updates.
  6. posermobile89

    posermobile89 TS Rookie Posts: 72

    @Jos, Thanks. I opened the link, but i missed that one. I was hoping for protection with that :/
  7. jobeard

    jobeard TS Ambassador Posts: 11,138   +985

    ALL routers are susceptible *IF* the admin password has been left in the default settings :(
  8. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,352   +293

    From what I read elsewhere, DD-WRT is only really vulnerable in the case of hacked or guessed admin passwords. The recent builds don't seem to have the vulnerability that will let people get around the admin login.

    And, quite honestly, if you have left the default password on your router, you've been asking to get hacked since day 1. It's basic security 101, change all of the defaults: router name (SSID), password, IP Address (if you can), etc.
  9. jobeard

    jobeard TS Ambassador Posts: 11,138   +985

    For obvious reasons, I'll not disclose the technical HOW-TO, but using the default login and
    a trivial piece of web-client-side programming, it is possible to entirely reload even the firmware of 99% of the current routers available.

    The issue is, as already said
    you're on the ragged edge with the default configuration.
  10. treetops

    treetops TS Evangelist Posts: 2,073   +219

    Looks like my old routers on there but my new one is not, they all thought I was crazy to add my own password to my router, but whos laughing now?!!!?!!
  11. Zeromus

    Zeromus TS Booster Posts: 227   +7

    I hear there's a virus that can make the router push it's reset button! Oh the horror!
  12. Does any one know if a netgear CG814GCMR is vulnerable?
  13. jobeard

    jobeard TS Ambassador Posts: 11,138   +985

    see #9 above
  14. Leeky

    Leeky TS Evangelist Posts: 3,797   +117

    Do people really keep the default password on there router?!?

    First thing I do is change the default password to a 16 digit hexadecimal one using a password generator. Second thing is to uncheck allow remote login, so you need to be physically connected by ethernet cable to even login with the correct details.

    Then my SSID is changed, and a stupidly long hexadecimal password is used, with WPA PSK security. then my SSID is hidden, so it doesn't broadcast itself.

    I also change the password every other month. At least if someone is trying to hack it it'll probably take long to brute force it than the password is live!

    Then to top it all off, connections are granted by MAC address, so only computers in the whitelist can connect to the router.

    Its an **** updating everything every other month, but I refuse to have anyone use my 50mb connection or have access to my files once in the router.

    One thing I don't ever do is use the windows Automatic connection wizard thing by pressing the button on the side of my router... I did it once and 3 of my neighbours wireless computers connected to my network!

    I'm using a D-Link DIR-615 with wwrt firmware... So I hope its safe or I'll be changing it!
  15. jobeard

    jobeard TS Ambassador Posts: 11,138   +985

    You're spot on - - be procative and take control :wave:
    sadly, yes especially non-wifi users as the devices require no configuration to become
    accessible and the instructions do not suggest the need to change anything (but do users read them at all :sigh: )

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...