More Wi-Fi devices with security holes

[djohnston]

Source

On his blog, German security expert Michael Messner has identified more Wi-Fi access devices that contain security holes of varying severity. Recently, the researcher uncovered a number of vulnerabilities in devices from Linksys, Netgear and D-Link.

The holes that are now being disclosed affect the Edimax EW-7206APg and EW-7209APg as well as TP-Link's TL-WA701N access points, the Linksys WRT160N router, Netgear's DGN2200B ADSL modem, and Raidsonic's IB-NAS5220 and IB-NAS4220-B NAS devices. In all cases, Messner had reported the flaws to the affected vendors many weeks ago; however, he says he has either received no response at all (TP-Link) or that manufacturers don't intend to provide updates (Edimax, Raidsonic) or have released updates without providing any details about what has been fixed (Netgear). Messner notes that Linksys didn't respond at all for over two months.

The wide range of vulnerabilities include the possibility of extracting password files without authentication (TP-Link) or executing arbitrary shell commands (in Raidsonic and Netgear devices without authentication, in Linksys devices with authentication), as well as passwords that are stored in plain text (Netgear). Many devices are also vulnerable to cross-site scripting (XSS) attacks.

[patrick013]

I thought that WEP was encrypted, takes an hour to crack.

I thought that WPA was encrypted, takes several hours to crack.

Where's the error log at ?     For all those bogus packets trying to
succeed ?     Till they finally guess the key ?

Something msec or selinux should surely do.     I didn't read the
article,   but a script to numerate these failed packet entries and their
source IP, something I could email the USA  FBI.     I'm sure the
Linux experts could provide that, that's what I want.

Better than not doing anything but reading mag articles.   

What do you think.


regards,

patrick

[djohnston]

Better than not doing anything but reading mag articles.   

What do you think.

I'm not sure what you're asking. The article, along with another one I've posted, details bugs in each OS that routers and wireless access points are running. There are many tools for monitoring and logging network traffic, but most have to be run on the device acting as the network router. The reason for posting these articles is to let anyone reading them know whether they have a network device that doesn't pass security muster.

In order to install patches to these routers, wireless access points, internet cameras, network-ready printers, etc. the device has to be "flashed" with an update patch. It is similar to updating a computer's BIOS.

[patrick013]

In order to install patches to these routers, wireless access points, internet cameras, network-ready printers, etc. the device has to be "flashed" with an update patch. It is similar to updating a computer's BIOS.

So if  someone is trying to crack my WPA key, and I write a script noting the IP address of the
packet, where it came from, for every packet trying to get into my wifi modem without the right
key,  wouldn't I have a viable solution ?    Knowing that key cracking will take thousands of wrong
attempts.    Without the exact key what can any other packet do, you know.    They just can't connect.

My hypothetical script would write those bad IP's with bad keys to a text file.

The hardware you mention doesn't care about keys in some circumstances ?     Oh boy, do we
got problems if so.

thanks for the response.

Patrick013     

[djohnston]

So if  someone is trying to crack my WPA key, and I write a script noting the IP address of the
packet, where it came from, for every packet trying to get into my wifi modem without the right
key,  wouldn't I have a viable solution ?    Knowing that key cracking will take thousands of wrong
attempts.    Without the exact key what can any other packet do, you know.    They just can't connect.

My hypothetical script would write those bad IP's with bad keys to a text file.

In that case, yes, a monitoring script/program is what you would want. Note that, as far as I know, modems don't have a dedicated OS running on the device. Routers do. It is still possible to monitor the traffic passing from a router to the network. The difficulty is in monitoring the traffic from the WAN (internet) to the router. In a case where you would want to monitor incoming internet traffic to the router, setting up a PC as a dedicated router would do the trick, because the PC can be running other tasks, as well as acting as a router.

DD-WRT may have monitoring and logging capabilities. That would be another possibility.

[melodie]

http://leaf.sourceforge.net/

Note:  As I find more projects I will add links to them.

I personally don't have enough time for all, and for instance reading this page, but it seems very interesting, so I would like to ask / suggest you to start a thread in the present forum related to resources, add this one in the topic, and once done we should probably pin it.

[patrick013]

DD-WRT may have monitoring and logging capabilities. That would be another possibility.

Hi,

My AT&T Internet Gateway is a modem/router combo, capable of over 200
wifi connections at once, at say an apartment building, coffee shop, whatever.
It's even a little too big for what I really need.

I don't recall any option in the modem/router where a text file would be
available for excessive key attempts.   

thanks for your response.

Patrick