Announcement

Collapse
No announcement yet.

"How to hack millions of routers" (scary stuff!)

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    "How to hack millions of routers" (scary stuff!)

    Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon Fios or DSL versions. Users who connect to the Internet through those devices and are tricked into visiting a page that an attacker has set up with Heffner's exploit could have their router hijacked and used to steal information or redirect the user's browsing.
    http://blogs.forbes.com/firewall/201...e-to-web-hack/
    Welcome newbies!
    Verify the ISO
    Kubuntu's documentation

    #2
    Re: "How to hack millions of routers" (scary stuff!)

    Can't you preemptively sue him? (Yeah, I know it sounds crazy but that's still dangerous...)
    Multibooting: Kubuntu Noble 24.04
    Before: Jammy 22.04, Focal 20.04, Precise 12.04 Xenial 16.04 and Bionic 18.04
    Win XP, 7 & 10 sadly
    Using Linux since June, 2008

    Comment


      #3
      Re: "How to hack millions of routers" (scary stuff!)

      I don't think that's scary. At least not until you add some likelihood that it can be done. Everyone is just looking for readership, that's all.

      I think the router list in the article is just a bit of fluff to make this look serious. There are not enough specifics (such as what software the router is running) to make this useful.

      However, if I understood the story correctly, the hack depends on knowing the password to the router. Nice assumption by the way. I'm not sure how representative my particular situation is, but between my public IP and my computer is at least two routers, and there are 7 or 8 hops to my ISP. My point is that there are a lot of ifs in that story. Since I use my router as a firewall, it is password protected. Hopefully my ISP had the presence of mind to set passwords for their routers as well. You never know though, maybe they forgot.

      Comment


        #4
        Re: "How to hack millions of routers" (scary stuff!)

        Many users of routers on their home network never change the default password. On numerous occasions I have gone to someone's home or small business to help them with a networking problem and easily logged into their router using the default password. When I showed them how easy it is to go in and determine and change their security settings they are amazed. Also, many users leave their wireless enabled even though they are not using wireless, and by default there are no security settings. They are aghast when I show them how easily someone could access their network from a car parked near their building.

        Comment


          #5
          Re: "How to hack millions of routers" (scary stuff!)

          Originally posted by Detonate
          Many users of routers on their home network never change the default password. On numerous occasions I have gone to someone's home or small business to help them with a networking problem and easily logged into their router using the default password. When I showed them how easy it is to go in and determine and change their security settings they are amazed. Also, many users leave their wireless enabled even though they are not using wireless, and by default there are no security settings. They are aghast when I show them how easily someone could access their network from a car parked near their building.
          That there hits the nail on the head. The default PW is never changed. ALL of my routers including family members have that changed.

          Comment


            #6
            Re: "How to hack millions of routers" (scary stuff!)

            Originally posted by Ole Juul
            There are not enough specifics (such as what software the router is running) to make this useful.
            You are right, there is not enough information in the article. We'll have to wait for the presentation at Black Hat to get all the details.

            I change the default password on my router. I don't disable wireless because I use it. I enable MAC filtering for the wireless side. I also strictly limit the DHCP pool to what I need. Any one of those things is not enough by itself, but put all of them together and my router seems a lot less inviting to strangers.
            Welcome newbies!
            Verify the ISO
            Kubuntu's documentation

            Comment


              #7
              Re: "How to hack millions of routers" (scary stuff!)

              Originally posted by Telengard
              Originally posted by Ole Juul
              There are not enough specifics (such as what software the router is running) to make this useful.
              You are right, there is not enough information in the article. We'll have to wait for the presentation at Black Hat to get all the details.

              I change the default password on my router. I don't disable wireless because I use it. I enable MAC filtering for the wireless side. I also strictly limit the DHCP pool to what I need. Any one of those things is not enough by itself, but put all of them together and my router seems a lot less inviting to strangers.

              That is a good general set up. The only thing I don't use is MAC filtering. I really don't think that a lot of wireless router users would know to do all of this. I could be wrong. Maybe they don't want to take the time. Either way it leaves holes.

              Comment


                #8
                Re: "How to hack millions of routers" (scary stuff!)

                I normally change both the factory default IP address and the password, and enable MAC filtering.

                I noticed that my neighbors don't ...

                Comment


                  #9
                  Re: "How to hack millions of routers" (scary stuff!)

                  Originally posted by MoonRise
                  That is a good general set up.
                  I do other things too, but it seems a bit off topic to discuss here.

                  The only thing I don't use is MAC filtering.
                  Everyone using a wireless router should consider MAC filtering. It adds one extra step to getting a wireless device added to the network, but ensures that you have total control over what devices can connect. There may be ways around it, but I haven't found any. (It won't prevent the exploit described in the article though.)

                  I really don't think that a lot of wireless router users would know to do all of this.
                  They don't, and they don't care either. They just want something they can plug in and expect it to work automatically. Consumer network devices typically come pre-configured with the most liberal settings imaginable to make it easy to set up. The worst part is that default passwords for every consumer router are one Google away for any hacker who cares to try.

                  Originally posted by dibl
                  I normally change both the factory default IP address and the password, and enable MAC filtering.

                  I noticed that my neighbors don't ...
                  Changing the default network address is a good idea too. (Won't protect from the exploit described in the article though)
                  Welcome newbies!
                  Verify the ISO
                  Kubuntu's documentation

                  Comment


                    #10
                    Re: "How to hack millions of routers" (scary stuff!)

                    The only thing I don't use is MAC filtering.
                    Everyone using a wireless router should consider MAC filtering. It adds one extra step to getting a wireless device added to the network, but ensures that you have total control over what devices can connect. There may be ways around it, but I haven't found any. (It won't prevent the exploit described in the article though.)
                    MAC spoofing, which can be done, but again the hacker must be aware of an existing MAC.


                    @Dibl
                    Yes I've changed my IP address scheme as well and agree with Telengard that it probably would have no real security enhancement. Though the hackers of the world have proven a lot of statements as such as wrong/flawed.

                    Comment


                      #11
                      Re: "How to hack millions of routers" (scary stuff!)

                      Even though none of these security measures will guarantee a hack proof system, it only makes sense to make your system as secure as possible. At least you will deter the casual broadband stealer. Such as some one using your connection to download or upload tons of kiddie porn an having law enforcement trace it back to your IP. If you keep sensitive information, and someone who has expert hacking knowledge really wants that information they can probably figure out a way to get it. But they may pass you up to seek an easier target.

                      I would suggest, that in addition to doing what you can to protect your system, you should also encrypt your sensitive information with a very strong password and change it often.

                      Comment


                        #12
                        Re: "How to hack millions of routers" (scary stuff!)



                        Originally posted by MoonRise
                        MAC spoofing, which can be done, but again the hacker must be aware of an existing MAC.
                        if i can see you wifi chances are i can also see a valid MAC Address to spoof..

                        i see that both ddwrt and openwrt are on the list.. but i find it hard to believe that most of the uses of either one of those firmware replacements leave either the password or the username default after installing the firmware the first thing it wants is a new username and password to admin with.
                        Mark Your Solved Issues [SOLVED]
                        (top of thread: thread tools)

                        Comment

                        Working...
                        X