Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Most home routers 'vulnerable to remote take-over'
Search Topic:
Uniqs:
381		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Steganos Safe 2007 / 2008 built-in password generator. »
« AVG Free Options  
AuthorAll Replies

Jomsviking

join:2007-12-28
1 edit		reply to elnino
Re: Most home routers 'vulnerable to remote take-over'

elnino, it is already being discussed here:

»UPnP strikes again

Edit: ops..Lanik beat me to it by 1m25s.
to forum · permalink · · 2008-01-16 07:30:51 · (locked)


Lanik
Lab-nik
Premium,ExMod 2002-03
join:2001-06-25
Bay Area		reply to elnino
This was posted earlier: »UPnP strikes again
--
"If it ain't broke don't fix it."
to forum · permalink · · 2008-01-16 07:29:26 · (locked)

elnino

join:2006-08-27
Akron, OH

 This story was run by Channel Register yesterday about the security concerns when using UPnP on your router:

»www.channelregister.co.uk/2008/0···ecurity/

Most home routers 'vulnerable to remote take-over'
By Dan Goodin in San Francisco →
15 Jan 2008 04:13
Universal plug and prey

Security mavens have uncovered a design flaw in most home routers that allows attackers to remotely control the devices by luring an attached computer to a booby-trapped website.

The weakness could allow attackers to redirect victims to fraudulent destinations that masquerade as trusted sites belonging to banks, ecommerce companies or health care organizations. The exploit works even if a user has changed the default password of the router. And it works regardless the operating system or browser the computer connected to the device is running, as long as it has a recent version of Adobe Flash installed.

"This is a huge problem," Adrian Pastor, of the prolific hacking organization GNUCitizen, said in an instant message.

The problem resides in Universal Plug and Play, a feature built in to most routers used for home networks so machines running games, instant messaging programs and other applications will work seamlessly with the devices. By exposing an end user to a malicious Flash file lurking on a website, attackers can use UPnP, as the technology is usually called, to make significant modifications to the router.

The most serious change that's possible is changing the the server PCs connected to the router use to access websites. That might cause a victim trying to access eBay or Bank of America to see spoofed pages that steal their login credentials.

The hack could also allow attackers to open ports on a victim's router. That would be useful in turning a router into what would amount to a zombie machine by forwarding ports to an external server.

The weakness, which works using the navigatetoURL function and URLRequest object specified in Flash, isn't a security flaw within Flash, the researches say. Rather they are design flaws in UPnP, which doesn't use authentication. PCs using virtually any platform and browser will change router settings, as long as they run version 8 or higher of Flash.

Routers made by Linksys, Dlink and SpeedTouch have been confirmed to be vulnerable, and other manufacturers' products are also likely susceptible to attack, the researchers said. Most routers have UPnP turned on by default. The only way to prevent the attack is to turn the feature off, something that is possible with some, but not all, devices.

The vulnerability, which was also discovered by Petko D. Petkov, is explained further here. A FAQ is here. ®
to forum · permalink · · 2008-01-16 07:13:16 · (locked)
Thread is
Forums » Up and Running » Security » SecuritySteganos Safe 2007 / 2008 built-in password generator. »
« AVG Free Options  

Thursday, 26-Nov 01:59:39 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [105] New AT&T Ad Campaign Hits Back At Verizon
· [101] Time Warner Cable Fires Broadside At Broadcasters
· [95] Apple Joins AT&T Verizon Snark Fest
· [85] New Bill Takes Aim At Higher Verizon ETFs
· [63] TiVo Sees Record Customer Losses
· [48] In-Flight Internet Headed For Bumpy Landing?
· [34] Senators Want ACTA Made Public
· [30] Earthlink Suffers From Major E-mail Outage
· [30] AT&T Offers New Prepaid Wireless plans
· [30] Despite Billions In USF Fees, U.S. Libraries Lack Bandwidth
Most people now reading
· Shutting of Electricity Temporarily (up to 1 yr) to Save $$$ [Home Repair & Improvement]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· Newegg Black Friday Sale started [Users Find Hot Deals]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· [DVR] DCX3400 - 30 Second Skip Forward [Comcast Cable TV]
· Whats the big deal about being "Old School"....? [World of Warcraft]
· I'll Just Unplug That... [No, I Will Not Fix Your #@$!! Computer]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]
· IPComms Free DIDs now with sip registration maybe?? [VOIP Tech Chat]