patcat88
join:2002-04-05
Jamaica, NY
| hw assignment
Um, what exactly is taken over, I see the associating with a router part, I dont see the carrier. Is this someone's idea of a semester long project, that they conviently ignore certain real world facts in order to make this hypothetical study?
The only carrier I can think of would be exploiting a linux/firmware security hole, or interfering with TCPIP traffic and injecting something to infect a web browser or similar PC application/ |
|
AnonProxy
Proxy of Anon
Premium
join:2001-05-12
ß | bla bla bla
More experts talking out of their ass trying to create a buzz about theories that are basically crap.
Here's a new phrase I just coined...
Wandemic or Wan-demic in the same vein as pandemic but for wans. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
1 edit | reply to patcat88
Re: hw assignment
said by patcat88  :Um, what exactly is taken over, I see the associating with a router part, I dont see the carrier. Is this someone's idea of a semester long project, that they conviently ignore certain real world facts in order to make this hypothetical study? The only carrier I can think of would be exploiting a linux/firmware security hole, or interfering with TCPIP traffic and injecting something to infect a web browser or similar PC application/ I read the linked PDF on this and there is no mention of how you would infect a router once you can gain access to it. Their whole paper is based on ease of access due to no or weak security. There is nothing on how malware could get on the router once access is attained. The only home WiFi routers I am familiar with(Netgear & Linksys) do not let you change code except thru an ethernet linked PC.
--
Internet News
My BLOG
My Web Page |
|
Cjaiceman
Premium,MVM
join:2004-10-12
Parker, CO
·Comcast Workplace
·Comcast
| No chance here, keep lookin...
I agree with above that this is a theory at best, but I am prepared and have been for a long time. I run a WRT54G with Thibor15c, WPA2-PSK with 21+ character key, hidden SSID and MAC filtering. The next large step up from this is to just turn off the wireless. I guess I could do that if needed since this doesn't run as a router, just an AP.
For all the people running open wireless I think they should secure it to prevent a large outbreak of something like this, but I just for some reason can't see this moving around too much. Just something about there being a lot of different types of routers, Linksys, Netgear, Belkin, D-Link just to name a few.
--
HOT JAMZ 94FM
Listen Live at »sc7.shoutcaststreaming.us:8206/listen.pls |
|
wruckman
Ruckman.net
join:2007-10-25
Northwood, OH | Awsome!
I find it hilarious that computers are becoming more and more like us. Modeling them in our own image. Even our weaknesses are becoming their weaknesses. haha! |
|
Uhh
@insightns.com | girls
They aren't going to tell you how to do it. LOL |
|
quatrix
Premium
join:2005-02-11
Davie, FL | reply to Cjaiceman
Re: No chance here, keep lookin...
Slightly overkill, but okay. AES instead of TKIP? |
|
GlobalMind
Domino Dude, POWER Systems Guy
Premium
join:2001-10-29
Hollywood, FL | GO IU
Good stuff or not, might as well give props to the alma mater.
In any event, hasn't it been considered best practice for some time now to use WPA? |
|
The Mad Hacker
@qwest.net | Doesn't make sense
Consumer grade wireless routers don't talk to each other, how can malware spread wirelessly through them? |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| reply to TKJunkMail
Re: hw assignment
said by TKJunkMail :The only home WiFi routers I am familiar with(Netgear & Linksys) do not let you change code except thru an ethernet linked PC.
Every WiFi router that I've seen lets you flash firmware by connecting to the management server. Using Ethernet or Wifi is equally acceptable to the firmware update process.
I constantly and seriously advise against using WiFi for firmware updates, as it is the best way that I can think of to brick a router. But I don't think that the update process prevents you.
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network |
|
joako
Premium
join:2000-09-07
/dev/null
 ·AT&T U-Verse
| reply to TKJunkMail
I've flashed firmware plenty of times via WiFi. What needs to be done is somewhat elaborate: create firmwares for the routers and be able to identify the router connected to and load the correct firmware. It's not impossible.... it's not even that hard just needs someone that is dedicated and applies their effort into the matter.
Also many routers use Linux so there might be a more trivial way to have the router execute some code.
--
Am Heimcomputer sitz' ich hier, und programmier' die Zukunft mir |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| said by joako :I've flashed firmware plenty of times via WiFi.
I do 5 things before flashing firmware.
•Record or save all settings.
•Reset all settings to factory defaults.
•Turn the radio off (if WiFi).
•Disconnect all Ethernet connections.
•Connect one single Ethernet cable, to one single computer.
The second time I flashed my BEFSX41, I neglected to remove all Ethernet cables. That was when I had to learn, from a thread in this forum, how to unbrick a BEFSX41.
Maybe I can flash using WiFi. Maybe I can drive down the highway at 80 mph and not get nailed by the cops. Maybe not.
I don't recommend speeding to anybody. Nor will I recommend using WiFi to flash firmware.
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network |
|
wxboss
This is like Deja vu all over again.
Premium
join:2005-01-30
Jacksonville, FL
clubs:
·Comcast
| Wifi Bewilderment
If anything good comes out of this, maybe it will be the awareness for the need to lock down your networks.
One guy that I work with deliberately keeps his WAN unlocked so that, 'The neighbors can use it as we all share our networks.'
After just a few minutes of trying to ingrain the need for some security, I realized that my attempts were futile. Some people - if they don't already know, you just can't tell them.
--
"A study in the Washington Post says that women have better verbal skills
than men. I just want to say to the authors of that study: Duh."
--Conan O'Brien |
|
toadlife
Premium
join:2004-05-03
Lemoore, CA | reply to Cjaiceman
Re: No chance here, keep lookin...
Using a hidden SSID and Mac Filtering accomplish nothing in the way of wireless security.
WPA2 is the only thing you need. |
|
joako
Premium
join:2000-09-07
/dev/null | reply to patcat88
Re: hw assignment
Totally agree.. I wouldn't try to flash a router when I have ethernet access to it... just saying its possible and most of the time it will work.
--
Am Heimcomputer sitz' ich hier, und programmier' die Zukunft mir |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| reply to Cjaiceman
Re: No chance here, keep lookin...
said by Cjaiceman :I run a WRT54G with Thibor15c, WPA2-PSK with 21+ character key, hidden SSID and MAC filtering.
A hidden SSID, and MAC address filtering, will protect you from your clueless neighbor who is just learning how to turn his computer on. They will do nothing to protect you from the really bad guys who can hurt you, or damage your reputation. Plus, they identify you, in a way that you don't need:
•Someone who wants to hide.
•Someone who hasn't a clue how to protect himself.
Like a typical tourist, with bulging camera bag, shoulder bag, and map which he is anxiously perusing, on a crowded city street, a WiFi network using a hidden SSID and MAC address filtering, is seen as an easy target by the beginner level criminals. The pros will attack you when they are bored, or really broke.
»nitecruzr.blogspot.com/2008/01/m···ing.html
»nitecruzr.blogspot.com/2005/05/d···sid.html
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network |
|
huh
| reply to The Mad Hacker
Re: Doesn't make sense
said by The Mad Hacker :
Consumer grade wireless routers don't talk to each other, how can malware spread wirelessly through them?
This is what I want to know. Will they try to find other ones over their broadband connection?
Isn't the default for most access points to NOT have the remote management enable?
Or do they expect a vulnerability to be used via the lan to propagate? and that isn't a wireless infection method as they are trying to 'hype'.
KP |
|
JimF
join:2003-06-15
Allentown, PA
1 edit | reply to The Mad Hacker
On page 2 of the PDF, they state:
"Further, as routers need to be within relatively close proximity to each other to communicate wirelessly, an attack can now take advantage of the increasing density of WiFi routers in urban areas that creates large geographical networks where the malware can propagate undisturbed."
So they are simply assuming some sort of wireless network, maybe a mesh network for coverage of large areas. On the other hand, earlier on that page, they talk about the percentage of households that have WiFi routers. Clearly, those don't (at present) talk to each other. So they are mixing apples and oranges. |
|
