Pinterest Stumbleupon Whatsapp
Ads by Google

You’ve got anti-virus software on your PC, anti-malware scanner, a live scanner for picking up worms and other active intrusions, and a firewall. Your computer and its data are secure… right?

As we’ve seen more and more recently, having a secure PC setup is only one part of keeping your data secure. Connect to an unsecure router and all of your hard work is in vain.

Routers rarely arrive in a secure state, but even if you have taken the time to configure your wireless (or wired) router correctly, it can still prove to be the weak link in your computer security.

It’s Like a Default: Securing Your New Router

Default options for routers are perhaps the biggest weakness. Like home security cameras that are streamed online Are Your Home Security Cams Being Streamed Online Without Your Knowledge? Are Your Home Security Cams Being Streamed Online Without Your Knowledge? Read More , people tend to install-and-forget, overlooking the fact that virtually every model has the same username and password.
Connections on an ADSL Modem Router

Brian Krebs reported recently that email spam has been used to hack routers by spoofing emails from telecoms providers, requesting the target click on a link and sending them to a page with hidden code that attempts to:

“…execute what’s known as a cross-site request forgery attack on known vulnerabilities in two types of routers, UT Starcom and TP-Link. The malicious page would then invoke hidden inline frames (also known as “iframes”) that try to log in to the administration page of the victim’s router using a list of known default credentials built into these devices.”

A successful attack re-writes the router’s DNS settings , sending the victim to spoof versions of sites that harvest logins.

Ads by Google

Anyone installing a new router on their home network needs to take the time to clear all default usernames and passwords and replace them with their own, preferably secure and memorable passwords/pass-strings that are then changed on a regular basis.

The NAT-PMP Vulnerability

In late 2014 Matt Hughes reported that the NAT-PMP vulnerability affected something in the region of 1.2 million routers, with US security firm Rapid7 finding that 1.2 Million Routers Are Vulnerable To Being Hijacked. Is Yours One Of Them? 1.2 Million Routers Are Vulnerable To Being Hijacked. Is Yours One Of Them? Read More “2.5% [of routers] vulnerable to an attacker intercepting internal traffic, 88% to an attacker intercepting outbound traffic, and 88% to a denial of service attack as a result of this vulnerability.”

While the NAT gateway on routers should not accept internal data that is not destined to an internal address, devices that have incorrectly configured firmware unwittingly allow external computers to create rules, potentially leading to data leaks and identity theft.

muo-security-routers-ddwrt

Fixing this issue requires that router manufacturers release patches. Alternatively, you might install a secure open source firmware, such as DD-WRT What Is OpenWrt And Why Should I Use It For My Router? What Is OpenWrt And Why Should I Use It For My Router? OpenWrt is a Linux distribution for your router. Like other Linux distributions, it offers a built-in package manager that allows you to install packages from a software repository. It can be used for anything that... Read More  or Open-WRT.

Is Your WPA Router as Secure as You Think?

Anyone using WPA to secure their router would be forgiven for thinking that with the passcode entered (and regularly changed) that they were making a secure connection to the Internet.

Most modern Wi-Fi routers feature the WPS technology which bypasses WPA, and makes connecting to the router by means of a button or 8-digit PIN far easier.

Unfortunately with ease comes vulnerability. As reported by James Bruce, with a strong connection and a susceptible router, the WPS PIN can be brute forced in just 2 hours Think Your WPA-Protected Wifi Is Secure? Think Again - Here Comes The Reaver Think Your WPA-Protected Wifi Is Secure? Think Again - Here Comes The Reaver By now, we should all be aware of the dangers of securing networks with WEP, which I demonstrated before how you could hack in 5 minutes. The advice has always been to use WPA or... Read More , and obtaining this PIN will reveal the WPA passcode to the attacker.

On some routers disabling the WPS PIN is an option, but this doesn’t always do what it claims, instead disabling a user-defined PIN instead of the default option. Hardly ideal. The best solution in this case would be to disable wireless networking on your router, and wait for an update from your ISP or router manufacturer (check their website).

Is Your ISP To Blame?

Earlier in 2015 we learned that a particular model of Pirelli router was shipped to customers with a bug Is Your ISP Making Your Home Network Insecure? Is Your ISP Making Your Home Network Insecure? Is your router letting intruders onto your home network? Don't be caught out by home router security issues, brought onto you by your own ISP! We show you how to test your router. Read More that is so easy to exploit your granny could do it.

As I reported:

“All you need to do is enter the web-facing IP address of a router, suffix it with wifisetup.html (so something like 1.2.3.4/wifisetup.html) and you can start playing around with the router configuration. Expert hackers would then be able to start setting up routes into the network, start sniffing Internet traffic, potentially even attack a computer with no firewall installed.”

So far, this problem has been limited to that single Pirelli P.DGA4001N model, but it raises worrying questions about just how routers are being configured by the manufacturers.

Have you encountered problems with default settings on your router? Perhaps you have been affected by one or more of the problems highlighted here. What should router manufacturers and ISPs do to mitigate these issues? Tell us your thoughts in the comments.

Image Credits: Asim18Moxfyre

  1. Kat
    April 4, 2015 at 9:10 am

    IT IS THE ROUTER, LAZINESS, IGNORANCE, WI FI, SETTINGS, HACKERS, BLACK HATS (WHO NEED WHITE COATS) WHITE HATS THAT BLACKLIST, and on and on and on

    Sort of makes me think of that saying about "a gun did not kill the person..."

    I don't think I would use the term "technical knowledge" any longer -- instead perhaps, technological warfare. Sad but true.

    • Christian Cawley
      April 8, 2015 at 3:40 pm

      Thanks for the coherent reply :)

  2. Simranjeet Singh
    April 3, 2015 at 1:46 pm

    BINATONE MODEM ROUTERS CAN BE HACKED WITHOUT ANY TECHNICAL KNOWLEDGE.

    • pranav malhotra
      April 26, 2015 at 11:24 am

      How can be it hacked ??

  3. Kevin M
    April 3, 2015 at 2:48 am

    All great information but one thing that very rarely gets mentioned is the laziness and ignorance of the user. You can have a secure computer and a secure network but regardless, the user is still a victim of their own laziness and ignorance.

    Great article however, thanks for sharing...;)

  4. LibertyTreeOfFaith
    April 2, 2015 at 10:30 pm

    thanks for telling blackhat hackers how to further their goals..........geez.

    • Franko
      April 2, 2015 at 11:05 pm

      If blackhats didn't know these vulnerabilities (and several others that aren't mentioned here), they should be forced to turn in their hat :)

    • Christian Cawley
      April 3, 2015 at 8:33 am

      Franko is bang on.

    • dragonmouth
      April 3, 2015 at 12:31 pm

      @LibertyTreeOfFaith:
      If it wasn't for the blackhats, the general user population would not know about these and other vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *