antdude Matrix Ant Premium Member join:2001-03-25 US
2 recommendations
2014-Mar-3 4:36 pm
Hackers hijack 300,000-plus wireless routers, make malicious changes
|
85160670 (banned) "If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB
Member
2014-Mar-3 6:59 pm
{{{ SMILE }}} ..... indeed
|
to antdude
Sobering article. I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.
|
3 recommendations
I saw one interesting thing (near the end): a recommendation to use a command-line configuration (instead of a web interface). My guess is that this is generally impractical, since few home users would be up to this (some of them can probably barely understand the web configuration).
|
dib22 join:2002-01-27 Kansas City, MO
1 recommendation
to Doc Casualty
said by Doc Casualty: I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.

Asus makes great hardware, but put Tomato on it. I like shibby's but there are plenty of builds out there. » tomato.groov.pl/?page_id=69
|
norwegian Premium Member join:2005-02-15 Outback
2 recommendations
to daveinpoway
said by daveinpoway: I saw one interesting thing....
....some of them can probably barely understand the web configuration.

To be honest, 75% of the people I know would refuse to mess with the default configuration if it starts working. 'Don't mess with something if it works' motto. The real world out there should be forced to set pages on loading the box, even if GUI. 'Innocence and ignorance' versus 'sales and low overhead requests'; and you wonder how anyone wins at all. We end up with daily new occurrences of hardware and software exploits on hardware and software that has a near 1 - 3 year life cycle in stories like this. How anyone keeps up is beyond me.
|
HarryH3 Premium Member join:2005-02-21
1 recommendation
to Doc Casualty
said by Doc Casualty: Sobering article. I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.

Update the firmware as soon as you get it online. ASUS recently published a new version with security fixes. I just got an RT-N66 last week and it had an earlier version installed. (Though once I confirmed it was working I upgraded to the Merlin custom firmware. It has more features, yet is based on the ASUS code.) I'm thinking I'll probably change to Tomato, as to me at least, it has a more intuitive interface. Perhaps I'm just used to it, as I ran it on my WRT54G's for years.
|
85160670 (banned) "If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB
Member
2014-Mar-4 9:41 am
Agreed & try to keep it simple and test after all the configuration !!! Cause you need one time perfect settings for your secure PORTAL
|
Hitron CDA3 (Software) OpenBSD + pf
1 recommendation
to antdude
Ha, just a simple GET request to » 192.168.1.1/Forms/tools_admin_1 for many of the TP-Link devices... just sad. Evidently most of the SOHO router market manufacturers are decent at building a router but horrific at security testing their own products. Hmmmm, sounds like a niche market could open up for a company to offer pen testing for various consumer routers. Just give me the ability to remove the GUI/web daemon and replace with my own.
|
therube join:2004-11-11 Randallstown, MD
2 recommendations
to antdude
|
1 recommendation
to norwegian
You are lucky that around 25% of the people you know are able and willing to configure a router - for the folks I know, the figure is about 10%.
|
to HarryH3
said by HarryH3: Update the firmware as soon as you get it online.

Set it up today and did that right away. Nice router with a very easy setup! I'll think about the Tomato option, though I've never switched to an open source FW before on my Linksys routers.
|
1 recommendation
to daveinpoway
Most people I know don't know that they can!
|
HarryH3 Premium Member join:2005-02-21
1 recommendation
to Doc Casualty
The Merlin firmware is based on the stock ASUS firmware. He just adds some extra goodies. I just read that the IPv6 firewall in the newer stock ASUS firmware actually uses the code from Merlin. Apparently he and the folks at ASUS work together well. More here: » www.lostrealm.ca/tower/node/79
|
to antdude
Assuming Remote Management is off, is it even possible for someone outside of your network to access your router GUI?
|