dslreports logo
site
spacer

spacer
 
   
spc
story category
The Wi-Fi Flu
And WPA is your vaccine....
by Karl Bode 11:02AM Thursday Jan 03 2008
Ars Technica points to new research (pdf) out of Indiana University that focuses on potential future malware attacks aimed specifically at wireless routers. Said attacks could do significant damage on a city-wide scale, given the routers are essentially "contagious" to other routers within signal range. These new infections would have their limits, however:
quote:
Interestingly, the modeled router infection patterns resembled a biological equivalent. Router infections are slowed or stopped completely by geographical barriers such as rivers, for instance. Isolated areas with a limited chain of wireless connections leading back to the point of infection could remain entirely untouched if one router along the chain uses WPA.
Researchers note that strong security practices (using WPA instead of WEP, strong passwords) could make these Wi-Fi "contagions" a non-issue.

view:
topics flat nest 
patcat88

join:2002-04-05
Jamaica, NY
kudos:1

hw assignment

Um, what exactly is taken over, I see the associating with a router part, I dont see the carrier. Is this someone's idea of a semester long project, that they conviently ignore certain real world facts in order to make this hypothetical study?

The only carrier I can think of would be exploiting a linux/firmware security hole, or interfering with TCPIP traffic and injecting something to infect a web browser or similar PC application/

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

1 edit

Re: hw assignment

said by patcat88:

Um, what exactly is taken over, I see the associating with a router part, I dont see the carrier. Is this someone's idea of a semester long project, that they conviently ignore certain real world facts in order to make this hypothetical study?

The only carrier I can think of would be exploiting a linux/firmware security hole, or interfering with TCPIP traffic and injecting something to infect a web browser or similar PC application/
I read the linked PDF on this and there is no mention of how you would infect a router once you can gain access to it. Their whole paper is based on ease of access due to no or weak security. There is nothing on how malware could get on the router once access is attained. The only home WiFi routers I am familiar with(Netgear & Linksys) do not let you change code except thru an ethernet linked PC.
--
Internet News
My BLOG
My Web Page

cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA

Re: hw assignment

said by FFH:

The only home WiFi routers I am familiar with(Netgear & Linksys) do not let you change code except thru an ethernet linked PC.


Every WiFi router that I've seen lets you flash firmware by connecting to the management server. Using Ethernet or Wifi is equally acceptable to the firmware update process.

I constantly and seriously advise against using WiFi for firmware updates, as it is the best way that I can think of to brick a router. But I don't think that the update process prevents you.
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network

joako
Premium
join:2000-09-07
/dev/null
kudos:6
I've flashed firmware plenty of times via WiFi. What needs to be done is somewhat elaborate: create firmwares for the routers and be able to identify the router connected to and load the correct firmware. It's not impossible.... it's not even that hard just needs someone that is dedicated and applies their effort into the matter.

Also many routers use Linux so there might be a more trivial way to have the router execute some code.
--
Am Heimcomputer sitz' ich hier, und programmier' die Zukunft mir

cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA

1 recommendation

Re: hw assignment

said by joako:

I've flashed firmware plenty of times via WiFi.


I do 5 things before flashing firmware.

  • Record or save all settings.
  • Reset all settings to factory defaults.
  • Turn the radio off (if WiFi).
  • Disconnect all Ethernet connections.
  • Connect one single Ethernet cable, to one single computer.

The second time I flashed my BEFSX41, I neglected to remove all Ethernet cables. That was when I had to learn, from a thread in this forum, how to unbrick a BEFSX41.

Maybe I can flash using WiFi. Maybe I can drive down the highway at 80 mph and not get nailed by the cops. Maybe not.

I don't recommend speeding to anybody. Nor will I recommend using WiFi to flash firmware.
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network

joako
Premium
join:2000-09-07
/dev/null
kudos:6

1 recommendation

Totally agree.. I wouldn't try to flash a router when I have ethernet access to it... just saying its possible and most of the time it will work.
--
Am Heimcomputer sitz' ich hier, und programmier' die Zukunft mir

AnonProxy
Premium
join:2001-05-12

bla bla bla

More experts talking out of their ass trying to create a buzz about theories that are basically crap.

Here's a new phrase I just coined...

Wandemic or Wan-demic in the same vein as pandemic but for wans.

Cjaiceman
Premium,MVM
join:2004-10-12
Parker, CO
kudos:2

No chance here, keep lookin...

I agree with above that this is a theory at best, but I am prepared and have been for a long time. I run a WRT54G with Thibor15c, WPA2-PSK with 21+ character key, hidden SSID and MAC filtering. The next large step up from this is to just turn off the wireless. I guess I could do that if needed since this doesn't run as a router, just an AP.

For all the people running open wireless I think they should secure it to prevent a large outbreak of something like this, but I just for some reason can't see this moving around too much. Just something about there being a lot of different types of routers, Linksys, Netgear, Belkin, D-Link just to name a few.
--
HOT JAMZ 94FM
Listen Live at »sc7.shoutcaststreaming.us:8206/listen.pls
ctggzg
Premium
join:2005-02-11
USA
kudos:2

Re: No chance here, keep lookin...

Slightly overkill, but okay. AES instead of TKIP?

asdfghjklzx5
Premium
join:2004-05-03
kudos:1

1 recommendation

Using a hidden SSID and Mac Filtering accomplish nothing in the way of wireless security.

WPA2 is the only thing you need.

cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
said by Cjaiceman:

I run a WRT54G with Thibor15c, WPA2-PSK with 21+ character key, hidden SSID and MAC filtering.


A hidden SSID, and MAC address filtering, will protect you from your clueless neighbor who is just learning how to turn his computer on. They will do nothing to protect you from the really bad guys who can hurt you, or damage your reputation. Plus, they identify you, in a way that you don't need:

  • Someone who wants to hide.
  • Someone who hasn't a clue how to protect himself.

Like a typical tourist, with bulging camera bag, shoulder bag, and map which he is anxiously perusing, on a crowded city street, a WiFi network using a hidden SSID and MAC address filtering, is seen as an easy target by the beginner level criminals. The pros will attack you when they are bored, or really broke.
»nitecruzr.blogspot.com/2008/01/m···ing.html
»nitecruzr.blogspot.com/2005/05/d···sid.html
--
Cheers,
Chuck
MS-MVP 2005-2007 [Windows - Networking]
PChuck's Network

wruckman
Ruckman.net

join:2007-10-25
Northwood, OH

Awsome!

I find it hilarious that computers are becoming more and more like us. Modeling them in our own image. Even our weaknesses are becoming their weaknesses. haha!

Uhh

@insightns.com

girls

They aren't going to tell you how to do it. LOL

GlobalMind
Domino Dude, POWER Systems Guy
Premium
join:2001-10-29
Hollywood, FL

GO IU

Good stuff or not, might as well give props to the alma mater.

In any event, hasn't it been considered best practice for some time now to use WPA?

The Mad Hacker

@qwest.net

Doesn't make sense

Consumer grade wireless routers don't talk to each other, how can malware spread wirelessly through them?

huh

@170.153.25.x

Re: Doesn't make sense

said by The Mad Hacker :

Consumer grade wireless routers don't talk to each other, how can malware spread wirelessly through them?
This is what I want to know. Will they try to find other ones over their broadband connection?
Isn't the default for most access points to NOT have the remote management enable?
Or do they expect a vulnerability to be used via the lan to propagate? and that isn't a wireless infection method as they are trying to 'hype'.

KP
JimF
Premium
join:2003-06-15
Allentown, PA

1 edit
On page 2 of the PDF, they state:
"Further, as routers need to be within relatively close proximity to each other to communicate wirelessly, an attack can now take advantage of the increasing density of WiFi routers in urban areas that creates large geographical networks where the malware can propagate undisturbed."

So they are simply assuming some sort of wireless network, maybe a mesh network for coverage of large areas. On the other hand, earlier on that page, they talk about the percentage of households that have WiFi routers. Clearly, those don't (at present) talk to each other. So they are mixing apples and oranges.

wxboss
This is like Deja vu all over again.
Premium
join:2005-01-30
Fort Lauderdale, FL

Wifi Bewilderment

If anything good comes out of this, maybe it will be the awareness for the need to lock down your networks.

One guy that I work with deliberately keeps his WAN unlocked so that, 'The neighbors can use it as we all share our networks.'

After just a few minutes of trying to ingrain the need for some security, I realized that my attempts were futile. Some people - if they don't already know, you just can't tell them.
--
"A study in the Washington Post says that women have better verbal skills
than men. I just want to say to the authors of that study: Duh."
--Conan O'Brien