PDA

View Full Version : "Millions" Of Home Routers Vulnerable To Web Hack



Gingersnap
07-16-2010, 12:52 PM
"Millions" Of Home Routers Vulnerable To Web Hack

July 13, 2010 - 1:37 pmShare409
Andy GreenbergBio | Email
Andy Greenberg is a technology writer for Forbes.

The upcoming Black Hat security conference in Las Vegas offers an annual parade of security researchers revealing new ways to break various elements of the Internet. But few of the talks have titles quite as alarming as one on this year's schedule: "How to Hack Millions of Routers."

Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon Fios or DSL versions. Users who connect to the Internet through those devices and are tricked into visiting a page that an attacker has set up with Heffner's exploit could have their router hijacked and used to steal information or redirect the user's browsing.

Heffner's attack is a variation on a technique known as "DNS rebinding," a trick that's been discussed for close to 15 years. "There have been plenty of patches over the years, but this still hasn't really been fixed," he says.

Great.

Forbes (http://blogs.forbes.com/firewall/2010/07/13/millions-of-home-routers-vulnerable-to-web-hack/)

djones520
07-16-2010, 12:54 PM
This is why we get our router and security from our cable company.

BadCat
07-16-2010, 04:57 PM
Great.

One of the oldest tricks in the book, and very easy to pull off.

Gingersnap
07-16-2010, 10:29 PM
One of the oldest tricks in the book, and very easy to pull off.

I've secured my own router and I run a savage firewall. I just hate to hear about these things. :(

enslaved1
07-20-2010, 02:14 AM
Millions of routers are vulnerable because they don't have any security turned on or still have the default password enabled. Much less work.

fettpett
07-20-2010, 03:36 AM
the one place i'm not secure....getting all the comps hooked up with passwords when the other two in the house would be lost without me, is too much of a pain in the ass....though it does need to be done

SarasotaRepub
07-31-2010, 11:48 AM
Millions of routers are vulnerable because they don't have any security turned on or still have the default password enabled. Much less work.

Verizon has fixed the problem with the default password, they have reset the password to the routers serial number.