dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
994

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

2 recommendations

antdude

Premium Member

Hackers hijack 300,000-plus wireless routers, make malicious changes

»arstechnica.com/security ··· changes/

Yikes, that's a high number!
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned)

Member

{{{ SMILE }}} ..... indeed

Doc Casualty
join:2005-02-06
Harbor Springs, MI

Doc Casualty to antdude

Member

to antdude
Sobering article. I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.
daveinpoway
Premium Member
join:2006-07-03
Poway, CA

3 recommendations

daveinpoway

Premium Member

I saw one interesting thing (near the end)- a recommendation to use a command-line configuration (instead of a web interface). My guess that this is generally impractical, since few home users would be up to this (some of them can probably barely understand the web configuration).

dib22
join:2002-01-27
Kansas City, MO

1 recommendation

dib22 to Doc Casualty

Member

to Doc Casualty
said by Doc Casualty:

I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.

Asus makes great hardware, but put Tomato on it.

I like shibby's but there are plenty of builds out there.

»tomato.groov.pl/?page_id=69

norwegian
Premium Member
join:2005-02-15
Outback

2 recommendations

norwegian to daveinpoway

Premium Member

to daveinpoway
said by daveinpoway:

I saw one interesting thing....

....some of them can probably barely understand the web configuration.

To be honest, 75% of the people I know would refuse to mess with the default configuration if it starts working.
'Don't mess with something if it works' motto.
The real world out there should be forced to set pages on loading the box, even if GUI.

'Innocence and ignorance' versus 'sales and low overhead requests'; and you wonder how anyone wins at all.
We end up with daily new occurrences of hardware and software exploits on hardware and software that has a near 1 - 3 year life cycle in stories like this.

How anyone keeps up is beyond me.
HarryH3
Premium Member
join:2005-02-21

1 recommendation

HarryH3 to Doc Casualty

Premium Member

to Doc Casualty
said by Doc Casualty:

Sobering article. I'm about to install a new router, an ASUS RT N66U and don't know what I should or could do to make things safer for my network given these known exploitations.

Update the firmware as soon as you get it online. ASUS recently published a new version with security fixes. I just got an RT-N66 last week and it had an earlier version installed. (Though once I confirmed it was working I upgraded to the Merlin custom firmware. It has more features, yet is based on the ASUS code.) I'm thinking I'll probably change to Tomato, as to me at least, it has a more intuitive interface. Perhaps I'm just used to it, as I ran it on my WRT54G's for years.
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned)

Member

Agreed & try to keep it simple and test after all the configuration !!!
Cause you need one time perfect settings for your secure PORTAL

Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

1 recommendation

Chubbzie to antdude

Member

to antdude
Ha, just a simple GET request to »192.168.1.1/Forms/tools_admin_1 for many of the TP-Link devices... just sad.

Evidently most of the SOHO router market manufacturers are decent at building a router but horrific at security testing their on products. Hmmmm, sounds like a niche market could open up for a company to offer pen testing for various consumer routers.

Just give me the ability to remove the GUI/web daemon and replace with my own.

therube
join:2004-11-11
Randallstown, MD

2 recommendations

therube to antdude

Member

to antdude
Related, Default settings ex-HD to ASUS wide open.
daveinpoway
Premium Member
join:2006-07-03
Poway, CA

1 recommendation

daveinpoway to norwegian

Premium Member

to norwegian
You are lucky that around 25% of the people you know are able and willing to configure a router- for the folks I know, the figure is about 10%.

Doc Casualty
join:2005-02-06
Harbor Springs, MI

Doc Casualty to HarryH3

Member

to HarryH3
said by HarryH3:

Update the firmware as soon as you get it online.

Set it up today and did that right away. Nice router with a very easy setup! I'll think about the Tomato option, though I've never switched to an open source FW before on my Linksys routers.

jaykaykay
4 Ever Young
MVM
join:2000-04-13
USA

1 recommendation

jaykaykay to daveinpoway

MVM

to daveinpoway
Most people I know don't know that they can!
HarryH3
Premium Member
join:2005-02-21

1 recommendation

HarryH3 to Doc Casualty

Premium Member

to Doc Casualty
The Merlin firmware is based on the stock ASUS firmware. He just adds some extra goodies. I just read that the IPv6 firewall in the newer stock ASUS firmware actually uses the code from Merlin. Apparently he and the folks at ASUS work together well.

More here: »www.lostrealm.ca/tower/node/79
starfish8
join:2004-06-30

starfish8 to antdude

Member

to antdude
Assuming Remote Management is off, is it even possible for someone outside of your network to access your router GUI?