esjones Premium Member join:2010-09-10 Springboro, OH |
to Bill_MI
Re: Linksys Router Vulnerability - Port 80 OpenCorrect. Your link points to an image of the firmware UI prior to the Belkin hijack. I'm wondering if they (Belkin) aren't keeping Port 80 open on purpose as the means to get these "upgrades" onto the router. |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
|
There should be a mechanism to get back to earlier firmware but I've been reading it's frozen in time so no one really wants those old bugs. There's some info in the links I posted.
While Belkin has control of it now, I thought that "Cloud" crapola came strictly from Cisco. |
|
1 recommendation |
to esjones
said by esjones:Yes, the pre-hijack Linksys firmware did include that option. It has been removed from the Belkin firmware. Thank you for confirming. Well in that case, that is rather disturbing. That would seem to me that they, Belkin, want to have the ability to remotely manage your router. As you said, it may be something to do with automatically updating the firmware. That may have it's benefits for some users who may not be as advanced, but it still leaves a potentially dangerous hole. As others suggested, I would go to open source firmware if possible. |
|
|
to Bill_MI
Liknsys by Cisco was said by Bill_MI:While Belkin has control of it now, I thought that "Cloud" crapola came strictly from Cisco. Linksys by Cisco (or Cisco-Linksys) was actually not truly "Cisco" (at least not how most think of it). It was an entirely separate division, owned by Cisco, that was managed on its own. That entire organization is what had been sold to Belkin and I would not expect anything to change, unfortunately. At least not for the better |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
|
to WildByDesign
said by WildByDesign:That would seem to me that they, Belkin, want to have the ability to remotely manage your router. Oh it gets worse. You had to create an account to get to your own router and agree to their use of your data. The security and tech communities were so outraged Cisco responded but in typical scumbag fashion... they "managed" the PR, allowed regression so 1% can go backwards, and little else. » Suggested Listening... |
|
esjones Premium Member join:2010-09-10 Springboro, OH
2 recommendations |
esjones
Premium Member
2015-Feb-23 3:25 pm
Final from Linksys, unless the security community shames them into corrective action: I asked if someone who knows or guesses my password can gain access to the router. The answer (of course) is "yes." Unacceptable. » belkin.response.lithium. ··· /1406845 |
|
esjones |
to Ken1943
Ken -
I'm curious as to why you think it's "no big deal."
Earl |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
to esjones
I can't offer any solution to your problem other than the one you already know (get another router that is not marketed by Belkin/Linksys).
I do however, want to thank you for the thread. It reminded me that I had not done a through external pen test of my current D-Link DIR655 router since the initial test I did after purchasing it (and it has had several firmware upgrades since then). Fortunately, it still appears to be clean. But of course you can never be sure that there is not some obscure Easter egg trigger sequence of probes that would open a backdoor in any commercial router. |
|
1 recommendation |
to esjones
Turn off remote admin. If port 80 from WAN goes to admin GUI, disable remote admin. Port closes. Maybe someone else picked up on this but TLDR.
If you can't disable it, THEN junk the router. |
|
1 recommendation |
to esjones
Please post photos of you smashing your router with a sledgehammer... |
|