SOHO Network Routers Are Ripe For Hacking; Is Yours On The List?

News Posted: Fri, Apr 26 2013 2:56 PM
Here’s one more thing you can fret about: Security evaluator ISE has discovered that a number of popular SOHO routers and WiFi access points are vulnerable to hacking. The firm calls the vulnerability a “critical security” problem, which is to say that a remote hacker could take over a router and change configuration settings, or a local hacker could skip the authentication process; in both cases, the hacker would be able to view and even change traffic on the network.

The firm looked at 13 different off-the-shelf devices to evaluate them for security vulnerabilities. What they found is startling. “Our research indicates that a moderately skilled adversary with LAN or WLAN access can exploit all thirteen routers,” said the group in a post. “We also found that nearly all devices had critical security vulnerabilities that could be exploited by a remote adversary, resulting in router compromise and unauthorized remote control. At least half of the routers that provided network attached storage (NAS) were found to be accessible by a remote adversary.”

[Image: Belkin F5D8236-4 v2 router]

They found that all thirteen devices they looked at are vulnerable to local attacks, and four of them didn’t require an active management session. All but two of them could be hacked over a wireless connection, and two of those could be penetrated with no active management session.

ISE included a handy chart so you can see if your router is on the list. They divided the types of attacks into three categories: Trivial (can be launched directly against the router without credentials), unauthenticated (requires some sort of human error on the part of the hackee, but not an active session), and authenticated attacks (requires an active session or at least access to credentials).

[Image: Hackable router chart]

Unfortunately, there doesn’t seem to be a whole lot that end users can do about this problem right now. ISE recommends that vendors keep device firmware and security patches up to date and available and let users know about the vulnerabilities, in addition to developing authenticated firmware, offering opt-out firmware update options, and running regular security audits. It recommends that admins keep firmware current, disable remote administration, and follow other basic best-practice maintenance procedures.

For end users, all you can do is try to avoid phishing scams, observe browser or software warnings, and generally be smart about online activity.
3vi1 replied on Fri, Apr 26 2013 4:27 PM

>> Unfortunately, there doesn’t seem to be a whole lot that end users can do about this problem right now.

Actually, some of those devices (the Linksys 310 for sure) will run DD-WRT (http://www.dd-wrt.com). Go replace your firmware with it! It's better, more feature-filled firmware anyway.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

ajm531 replied on Fri, Apr 26 2013 8:00 PM

That last statement cannot be overstated. Be smart about what you're browsing, people. If you don't recognize it, don't download it.

  • | Post Points: 5

My Asus is fine :D
