

JohnInSJ
Premium
join:2003-09-22
San Jose, CA
Reviews:
·PHONE POWER
·Comcast

reply to therube

Re: Open-source firmware flaw exposes wireless routers - DD-WRT

They know YOUR NATed IP. The router IP isn't your IP. Ever.

So they have a 1 in 254 chance of guessing right? As pointed out above that's assuming you've visited HaxRUs.ru with scripting enabled, as well.

I think this is one of those "ohhh sounds scary on paper" exploits.
--
My place : »www.schettino.us


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Reviews:
·Shaw

said by JohnInSJ:

They know YOUR NATed IP. The router IP isn't your IP. Ever.

So they have a 1 in 254 chance of guessing right? As pointed out above that's assuming you've visited HaxRUs.ru with scripting enabled, as well.

I think this is one of those "ohhh sounds scary on paper" exploits.

What percentage of networks defended by a DD-WRT router have the router IP as 192.168.1.1 (most)? Tag on something like checking 10.0.0.1 if the initial attempt failed, and I think you would have a huge percentage of networks owned.

Now if you downloaded/ran an app (might tip off the user that something bad was happening) that checked for the gateway address and hence likely the router IP. So there are ways to increase the number of 'routers' owned, but I'm betting the extra payoff wouldn't be worth the extra effort/risk in the hacker's mind, so they have likely hardcoded the most frequent addresses used.

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


JohnInSJ
Premium
join:2003-09-22
San Jose, CA
Reviews:
·PHONE POWER
·Comcast

said by Link Logger:

What percentage of networks defended by a DD-WRT router have the router IP as 192.168.1.1 (most)? Tag on something like checking 10.0.0.1 if the initial attempt failed, and I think you would have a huge percentage of networks owned.

So, your assumption is that most DD-WRT users are just about clueless?

Disabling web admin seems a reasonable 100% successful solution if you can't be arsed to put your router on any unexpected subnet (the other 100% magic solution).
--
My place : »www.schettino.us

over 12.5 years online © 1999-2012 dslreports.com.