Well, the C/NET article doesn't go into a lot of detail about the exploits. It's more about the Defcon 21 meeting in Las Vegas. The good news is that, according to the
Exploiting SOHO Router Services article, the router-provided services are only vulnerable to the described attacks after "USB storage is attached" (to the router).
More good news is that my home router is not on the list. The bad news is that it doesn't mean my home router is secure. By any means. In order to have some control, (hopefully, full control), of a home router, a PC needs to be repurposed as a dedicated router for the entire home network. It can run other tasks, but making it the sole purpose of an older PC is a perfect use for a PC with slower data bus speeds and slower IDE/SATA channel speeds. There are several hardened distros available to turn an unused PC into a dedicated internet router for a home network, such as
EnGarde Secure Linux. And an older PC can be used for this purpose with very little performance loss. The main criteria are ethernet and wireless transfer speeds which can be easily met with good quality PCI or PCIe adapters.
The other alternative is to install
DD-WRT or
Tomato Firmware to your Broadcom-based router. Or use one of the Linux or BSD solutions shown
here.
