republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > In the Wild: Zlob Changing Router Settings to Hijack DNS

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Cthen

join:2004-08-01
Detroit, MI
Reviews:
·Comcast
·AT&T Midwest
·Comcast

reply to Mele20

Re: In the Wild: Zlob Changing Router Settings to Hijack DNS

said by Mele20:

said by jabarnut:

See ahulett See Profile's post. That describes it pretty well.

»Re: In the Wild: Zlob Changing Router Settings to Hijack DNS

As far as those "user-friendly Setup Wizard" CD's, I just throw them in the garbage or use them for target practice myself.
Yes. I read Aaron's post. But it doesn't apply to this Linksy router. I quoted from the Linksy page for this router. You have to set it up ...even the current version. I just answered two posts recently (not here) from users who had just bought this router and had questions about setting it up.

Obviously, SOME ROUTERS AND SOME ISPS allow you to do nothing but plug in the router. Obviously, my ISP and router are superior because they require you to not be a dumb idiot who does stupid things regarding routers. But teaching your children or anyone else to not configure the router really surprises me since this is a security forum. ALL USERS need to be educated properly about security including how to use a router securely. If this is done then there will be no problems regarding default passwords. Geez.
All your arguing through this amounts to squat at what the article is referring to. Sure you may or may not have to configure a router to get a connection but that point means nothing. Either way this type of exploit needs a connection to be up and running for anything to happen or to even get the malware on your machine in the first place.

So here is how it all plays out. Joe Blow buys a router (and this can even be your beloved Linksys model), he did what he needed to do in configuring it so he could get a connection. That's all he did because hey, it works now! So Joe Blow visits a site to see a video but it tells him he needs to download a codec to play the video. Well ofcourse he wants to see the video so he downloads and installs this codec and gets to see his video. Due to Joe Blow's ignorance his router is about to get pwned in the next few minutes. Why? Joe Blow never changed his default user name and password to his router! Sure he cloned the MAC addy as needed and had to do maybe a few other thing to get the connection going, but that was it.

Sadly, that's the reality here. You can buy any router you want from any store be it online or brick and mortar. Configure said router any which way you please. However if the default username and password isn't changed, it will get pwned by this if it's on one of your machines.

Now do you get it?
to forum · permalink · 2008-06-13 09:09:49 ·
Forums > Broadband Tech > Security > Security

Thursday, 31-May 01:51:34 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics