Lock Down Your Router!

[JohnB316]

Indiana University, in conjunction with Symantec, published a technical report on Drive-By Pharming. Basically, this type of phishing involves hackers using default passwords on routers via malicious Javascript to hijack a router and change the DNS cache in the router. The effect would be to point users to fake web sites.

Here is a link to a ZDnet article about this exploit: http://news.zdnet.com/2100-1009_22-6159938.html

Here are links to the Indiana University report about the exploit: http://www.cs.indiana.edu/cgi-bin/techreports/TRNNN.cgi?trnum=TR641 - the abstract (summary)

http://www.cs.indiana.edu/pub/techreports/TR641.pdf - the details

Note that the report has not yet been published. I would take this one seriously, as Linux boxes can likely be used to mess up a router via malicious sites. The bottom line is to lock down your router by changing the default password on it.

HTH,
John

[subgeniusd]

And if you have any doubts about the availability of these factory default passwords this is the list every hacker and "wardriver" uses:

http://www.phenoelit.de/dpl/dpl.html

Also a handy password strength checker:

https://www.microsoft.com/athome/security/privacy/password_checker.mspx

Don't worry.....big, bad MSFT lets you visit and browse all over the place with Opera/Linux despite the fact that they could easily block all such access.    D.

[dispose256]

While you are on the topic of router insecurity, a more serious problem has been reported when just about any router that uses UPNP could be compromised by a flash attack, and that regardless of the operating system. It exploits the lack of authentication with UPNP. You can look it up on "The register" a UK newsletter. Quite interesting.

dispose256