republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Equipment Support » Hardware By Brand » 2Wire » DNS Hijack on 2wire routers?
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Read the FAQs! ·Need Help? ·2W Home Page ·2W Support Page
2701HG-B Frequent loss of Internet light, and now rebooting »
« Block MSN Messenger in the company  
AuthorAll Replies

upb
Premium
join:2004-03-15
Carriere, MS
·AT&T Southeast

reply to evad123
Re: DNS Hijack on 2wire routers?

You appear to be describing the 2wire vulnerability discussed below in the thread »2Wire Cross Site Request Forgery Vulnerability

Several ways of protecting yourself from the vulnerability are suggested there.
to forum · permalink · · 2008-03-13 19:18:14 · Reply to this


jr9730

join:2000-11-22
Torrance, CA		 The fix is under way..
to forum · permalink · · 2008-03-13 22:05:46 · Reply to this

bjparker

join:2004-09-13
England
said by jr9730 See Profile :

The fix is under way..
When? My router got attacked today, for the second time in a month, fortunately I had a partial fix in place that just meant the DNS stopped working (presumably they block OpenDNS).

These exploits have been talked of for 1 year and in the wild for about 3 months!

Does 2wire actually do anything?
to forum · permalink · · 2008-03-29 16:43:39 · Reply to this

muiredised
ESSE QUAM VIDERI

join:2007-06-11
Tacoma, WA

 You can implement a temporary fix yourself. The first post in the following thread describes how to protect yourself until 2wire fixes the issue »2Wire Cross Site Request Forgery Vulnerability .

Here is a short summary:

First, change the IP scheme that the 2wire is using for your home network. Specifically, change the IP address of the 2wire router itself. This will prevent attacks against 192.168.1.254.

Next you have to prevent attacks against the domains "home" and "gateway.2wire.net". You can do this a couple of ways. You can modify your hosts file and point those domains to 127.0.0.1... or you can hardcode the dns settings into your computer so that your computer is not using the 2wire to resolve domain names.

Of course the bottom line is 2wire needs to plug this hole. When will that happen? Who knows.
--
Assiduus usus uni rei deditus et ingenium et artem saepe vincit
to forum · permalink · · 2008-03-29 21:54:37 · Reply to this
Forums » Equipment Support » Hardware By Brand » 2Wire2701HG-B Frequent loss of Internet light, and now rebooting »
« Block MSN Messenger in the company  

Monday, 09-Nov 19:59:07 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [68] VoIP Over 3G Still Not Working For iPhone
· [58] Verizon Keeps Swinging At AT&T
· [32] Bill Would Force ISPs To Block Financial Scams
· [16] Mediacom Hints At 50, 100 Mbps Speeds
· [12] Clearwire To Get Another $1.5 Billion
· [9] 15 States Have Now Gotten Broadband Mapping Money
· [5] AT&T Launching New 7.2 Mbps 3G Modem
· [2] Monday Morning Links
Most people now reading
· Divorce advice... [General Questions]
· Google Has Acquired Gizmo5 [VOIP Tech Chat]
· How in the world am I going to get into college? [General Questions]
· Blown out Ballasts [Home Repair & Improvement]
· Framed for child porn 151; by a PC virus [Security]
· My cat is reluctant to exercise. [General Questions]
· A fishy CRTC tarriff filed by bell? [TekSavvy]
· [SU] Apple Releases Mac OS X 10.6.2 [All Things Macintosh]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· 60 Minutes piece on cyber security last night [Security]