Home network routers may contain vulnerabilitiesApril 16, 2013 9:35 am ·
Home network routers may contain vulnerabilities and some can even invite intruders into your home. Some home network router vendors are slow to respond, or they do not respond at all to researchers that report router vulnerabilities. It is the vendors that are slow to respond or fail to respond that tend to annoy me. Excuse me! If I am going to buy networking equipment – I believe that I have the right to know if a hybrid router (modem/router combined) or individual router has any potential security flaws.
Home Network Routers
Users who do not take basic router security seriously, can also impact home network router security. Whether you use a hybrid or a cable (or DSL) modem and a router – securing your device should be at the top of your security to-do-list.
More often than not, we in-the-know tend to blame the end-user for dabbling in poor home network security practices. Perhaps their admin password is not complex enough or they forgot to disable UPnP. But what if they did everything possible to secure their hybrid/individual router and they get hacked or suffer a vendor-related security vulnerability?
Linksys Router Vulnerabilities
- Linksys WRT54GL: Cross-site upload vulnerability
- Linksys EA270o: XSS, file path traversal, insufficient authentication, CSRF, and source code disclosure vulnerabilities.
The vulnerabilities range from a WRT54GL CSRF attack that could replace router firmware to a EA2700 cross-site scripting (XSS) on the apply.cgi page.
On a Linksys EA2700 router, anybody on the same network can change the routers password and enable remote management. This would allow them to access your network from the Internet. It’s also possible for a remote attacker on the Internet to design a malicious website that would exploit the same vulnerabilities without actually being on your home network. Now thats what I call a CSRF attack! –Phil Purviance
It will be interesting to see the timeline of how quickly Belkin/Cisco will respond to Purviance’s research. Though Linksys is not the only babe on the block to expose vulnerability cleavage; some companies need to dump their attitude and respond to vulnerabilities in a timely manner…
D-Link® Router Vulnerabilities
D-Link Dir-600 and Dir-300 (HW rev B1) vulnerabilities was also disclosed earlier this year by security researcher (Michael Messner), stating that D-Link routers could be compromised via the Internet. Messner also noted insecure cryptographic storage where the D-Link password is stored in plain text on the device. D-Link responded that this was a user and or/browser security problem, so they do not plan to provide a fix.
TP-Link Router Vulnerabilities
TL-WDR4300 and TL-WR743ND (v1.2 v 2.0) contain a backdoor that allows hackers to gain access to the device.
Home Network Security Considerations
For security reasons you should disable UPnP on your router (use port forwardinginstead), disable Remote Management, disable WPS, and turn off DMZ.
Rapid7 has released a free scanner tool that checks to see if your home network enabled devices are vulnerable to attack via the UPnP protocol.
Recent research from Rapid7 revealed that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. Three groups of security flaws in the protocol are exposing millions of users to remote attacks that could result in the theft of sensitive information or other criminal activity such as spying. –Rapid7
Why should you disable WPS?
You are probably wondering why you should disable WPS, since it is a convenient way to set up wireless access with the mere push of a button. Why? Because it is an easy target for brute-force attacks and a hacker can crack it within a day (generally less) with free, readily available open-source software.
Recommendations from the past that offer zero value
Don’t waste your time disabling SSID broadcasting or mess with setting up MAC filtering. War-driving software still exists and will display all SSID’s, and I can see your MAC address with my scanner and spoof it too. The only thing that MAC filtering is good for is to set up ACLs (Access Control Lists).
Great Aunt Know-It-All
I once had a great aunt (who has since passed) that decided to get online and get with it (or so she said). She wasn’t the type of person who could sit down and RTFM. She was all about trying out new things in life, just because they existed. Hello Usenet. She failed to realize that trolls were heavily-integrated into the inflammatory nap of all Usenet communal fabric. Instead of stitching silently along the seams, she opted to rip the trolls right out of their seams. She failed to realize that she was a few generations behind the times and ended up with migraines, leg pains, and over-tipping a late night bottle.
What’s my point?
Home networks are connected to many Great Aunt Know-it-alls. They have never read any router manuals or How-To’s. They don’t know the difference between a router and a desktop. They just know that the box (router) can connect them to the web and that their desktop has stuff they can click on. Great Aunt Know-it-all really doesn’t know it all!
Where am I going with this?
We in-the-know may have neighbors, friends, or family who will never RTFM. They click on any web link, download any attachment, retweet any spam link, and share status updates on Facebook that make you want to scream. You know the type. We all live with them, live near them, or try to get through life avoiding them. They permeate our global environment. Since we can’t change them through education or example; We in-the-know should perhaps offer to adjust their router settings to make their home network a bit safer for all the rest of us and perhaps oust some Wi-Fi moochers too! Pay it forward, so to speak – or call it one-up for some great digital karma.
Do you have any home network router tips to add? Be sure to leave a comment here to share with the rest of the EE community. Want to virtually slap me in the head because you disagree with something I posted? You can do that too!