[wsfii-discuss] Researchers have found a new way for attackers to change critical settings on home routers.
wsfii at absorb.it
wsfii at absorb.it
Tue Feb 27 12:33:35 UTC 2007
Hi,
Tracey P. Lauriault schrieb:
> *Researchers have found a new way for attackers to change critical
> settings on home routers.*
looks a little bit like a hand-shaking of academic researchers without
practical experiance ;) So, the essence is that we have to change the
default password of our router to be safe connecting the router to the
net? Good point ;)
The choosen example with the Bank webpage is examplary for the overall
quality of this article. If you use a bank webinterface without ssl
(https://) the descibed problem might happen after your router was
broken (DNS changed) but than you should think fast and change your
bank. It's really a unsecure bank webinterface if they let you log in
without ssl, so thisone has to be changed. If you use ssl, in the
descibed scenario you will be warned that the site identityfication of
the 'look-a-like bank website' will have changed. Ok, was only an
example, but they had to be choosen carefully too. First they suggest
that you should trust what you get from the net without authentication
and than they tell you that this might go wrong if somebody else 'ownz'
your router. But this might go wrong anytime.
So, the only interesting but not really descibed fact in this article is
that the attack on your router might come from the inside, from your
Local Area Network, your Home Computer while looking on a webpage with
malicious code. While theoretical possible, I don't have the feeling
that this is the more critical attack-vector compared to an direct
attack on the router from the internet...
Nice regards, and, dont forget to change your router-password at least
to your best-friends name ;)
Rene
More information about the wsfii-discuss
mailing list