Author Topic: Researchers Hack Over a Dozen Home Routers  (Read 6382 times)

ka9yhd

  • Guest
Researchers Hack Over a Dozen Home Routers
« on: 18 April 2013 at 07:39:37 »

ISE researchers have discovered critical security vulnerabilities in numerous small office/home office (SOHO) routers and wireless access points. We define a critical security vulnerability in a router as one that allows a remote attacker to take full control of the router's configuration settings, or one that allows a local attacker to bypass authentication and take control. This control allows an attacker to intercept and modify network traffic as it enters and leaves the network.

Full article:
http://securityevaluators.com//content/case-studies/routers/soho_router_hacks.jsp

http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/

djohnston

  • Guest
Re: Researchers Hack Over a Dozen Home Routers
« Reply #1 on: 18 April 2013 at 23:45:22 »
I saw that article. Kinda makes you lose faith in the firmware put on routers these days, doesn't it?

Offline melodie

  • Administrator
  • Hero Member
  • *****
  • Posts: 1774
    • Citrotux
Re: Re: Researchers Hack Over a Dozen Home Routers
« Reply #2 on: 19 April 2013 at 02:11:54 »
Quote
I saw that article. Kinda makes you lose faith in the firmware put on routers these days, doesn't it?

+1.

Good leaders being scarce, following yourself is allowed.

Offline melodie

Re: Researchers Hack Over a Dozen Home Routers
« Reply #3 on: 21 April 2013 at 11:23:54 »
The last release of DD-WRT is not recent:
http://www.dd-wrt.com/site/support/other-downloads

This might not be a good solution either...

Good leaders being scarce, following yourself is allowed.

djohnston

  • Guest
Re: Researchers Hack Over a Dozen Home Routers
« Reply #4 on: 21 April 2013 at 12:40:05 »
OpenWRT is, I believe, much newer. The description is:

Quote
OpenWrt is described as a Linux distribution for embedded devices.

Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application.

They support a lot of devices. Check the old table of hardware if you don't see your router listed.


Offline melodie

Re: Re: Researchers Hack Over a Dozen Home Routers
« Reply #5 on: 21 April 2013 at 14:37:01 »
Quote
OpenWRT is, I believe, much newer.

That sounds better. :)

I really don't know what my router is, because for a couple of years now we have been using the one from the company of our ISP. We would have to get information about it.

Good leaders being scarce, following yourself is allowed.

Offline melodie

Re: Researchers Hack Over a Dozen Home Routers
« Reply #6 on: 22 April 2013 at 08:44:44 »
Hi,
It is nice of you, but at the moment I have no idea. I would myself need to do some research on it to find out.

This is mostly what it looks like.

What's inside could also be different from one year to another...

Good leaders being scarce, following yourself is allowed.

djohnston

  • Guest
Re: Researchers Hack Over a Dozen Home Routers
« Reply #7 on: 23 April 2013 at 03:26:04 »
To add more to this:

Groundhog day for routers

Even if it is hardly surprising anymore, a shocking range of sometimes hair-raising vulnerabilities continues to lie dormant in popular router models. Sitecom WLM-3500 routers, for example, contain two undocumented backdoor accounts that provide attackers with simple ways of obtaining admin privileges and make arbitrary router configuration adjustments. Vulnerable devices are easy to find: The H's associates at heise Security discovered more than 10,000 potentially vulnerable routers straight away, the majority of them in Italy.

The backdoor access credentials were accepted in all of their spot checks. While Sitecom has released a firmware version 1.07 that, the company says, no longer contains the backdoors, routers don't tend to be too fussed about keeping their firmware updated, and it is unlikely that the update will be installed on a significant number of devices in the foreseeable future. The hole was discovered and reported to Sitecom by security expert Roberto Paleari from Emaze Networks.

Paleari also found problems with Netgear's WNR1000. Adding the ".jpg" character string to the address of the configuration file allows unauthenticated attackers to access this file. The file is apparently encrypted but this encryption is somewhat light and can be decoded using a Python script that Paleari has made available.

A team from ISE (Independent Security Evaluators) also made quite a few discoveries: Although the security specialists had originally only planned to examine 10 router models, their research project included 13 vulnerable models in the end. Among these are Belkin's N300, N900 and F5D8236-4 v2 models as well as the Linksys WRT310Nv2, Netgear WNDR4700 and TP-Link WR1043N routers – and D-Link is also affected; this time it's the company's DIR-865L model.

Many of the holes can be exploited via the internet, some of them even without authentication. The holes that were discovered by ISE have been given 17 CVE numbers so far, and a further 21 submissions are currently being investigated. To avoid putting router owners at risk, ISE has not yet released any vulnerability details. The list of CVE numbers contains the usual suspects, including authentication bypass, cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities.

To minimise the risk of successful attacks on their devices, router owners should at least change the factory-set password and ensure that the router's web interface is not accessible through the internet. CSRF attacks become more difficult if owners change their device's internal IP address and make sure that they log out after accessing the web interface. A regular check to see whether a manufacturer has released a firmware update is also advisable – whether vulnerabilities have been found or not.
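
One way to verify the advice above that the router's web interface should not be reachable from the internet (an added example, not part of the quoted article or of any post in this thread): run the script from a network outside your own against your own public address. The port list and the function names are assumptions chosen for illustration.

```python
import http.client
import sys

# Ports often used for router web administration (assumed list; adjust to your device).
ADMIN_PORTS = (80, 443, 8080, 8443)


def probe_admin_port(host, port, timeout=3.0):
    """Classify one TCP port on your own router's WAN address.

    "unreachable": connection refused, filtered or timed out (the desired result)
    "http:<code>": a web server answered; 200/401/302 usually means a login page
    "open":        the port accepts TCP but does not answer plain HTTP (e.g. TLS)
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.connect()
    except OSError:
        return "unreachable"
    try:
        conn.request("GET", "/")
        return "http:%d" % conn.getresponse().status
    except (OSError, http.client.HTTPException):
        return "open"
    finally:
        conn.close()


def exposed_admin_ports(host, ports=ADMIN_PORTS, timeout=3.0):
    """Return {port: result} for every port that answered from this vantage point."""
    results = {port: probe_admin_port(host, port, timeout) for port in ports}
    return {port: res for port, res in results.items() if res != "unreachable"}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_wan_admin.py <your-own-public-address>")
    found = exposed_admin_ports(sys.argv[1])
    for port, res in sorted(found.items()):
        print("port %d answers from outside: %s" % (port, res))
    if not found:
        print("no admin ports reachable from this network")
    # Non-zero exit status makes the check usable from cron or a monitoring job.
    sys.exit(1 if found else 0)
```

Any port reported here means remote management (or a port forward) is still enabled and should be switched off in the router's settings.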