dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6
share rss forum feed

upb
Premium
join:2004-03-15
Carriere, MS
kudos:1
reply to evad123

Re: DNS Hijack on 2wire routers?

You appear to be describing the 2wire vulnerability discussed below in the thread »2Wire Cross Site Request Forgery Vulnerability

Several ways of protecting yourself from the vulnerability are suggested there.



jr9730

join:2000-11-22
Torrance, CA

The fix is under way..


bjparker

join:2004-09-13
England

said by jr9730:

The fix is under way..
When? My router got attacked today, for the second time in a month, fortunately I had a partial fix in place that just meant the DNS stopped working (presumably they block OpenDNS).

These exploits have been talked of for 1 year and in the wild for about 3 months!

Does 2wire actually do anything?

muiredised
ESSE QUAM VIDERI

join:2007-06-11
Tacoma, WA
kudos:1

You can implement a temporary fix yourself. The first post in the following thread describes how to protect yourself until 2wire fixes the issue »2Wire Cross Site Request Forgery Vulnerability .

Here is a short summary:

First, change the IP scheme that the 2wire is using for your home network. Specifically, change the IP address of the 2wire router itself. This will prevent attacks against 192.168.1.254.

Next you have to prevent attacks against the domains "home" and "gateway.2wire.net". You can do this a couple of ways. You can modify your hosts file and point those domains to 127.0.0.1... or you can hardcode the dns settings into your computer so that your computer is not using the 2wire to resolve domain names.

Of course the bottom line is 2wire needs to plug this hole. When will that happen? Who knows.
--
Assiduus usus uni rei deditus et ingenium et artem saepe vincit