home routers vulnerable to attack

[Note: this article updated February 22, 2007]

Urgent security alert: home routers vulnerable to attack

Security researchers have discovered an extremely serious vulnerability in virtually all brands of home routers that makes them vulnerable to the kind of hacking that can lead to fraud and financial losses by large numbers of persons.

I urge you to change the default password on your home router as soon as possible. Only routers with no password, or the default password, are vulnerable.

Instructions for changing passwords on the most popular routers here:

D-Link

Linksys

Netgear

I am sure that more than 90% of home routers are running full default settings, including administrative password. This is due to their success: routers today are virtually plug-and-go, with no need ever to log in to make changes. Well, this success could lead to their downfall.

Read articles here:

http://news.com.com/2100-7349_3-6159938.html?part=rss&tag=2547-1009_3-0-10&subj=news

http://www.pcmag.com/article2/0,1895,2095313,00.asp

http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_pharming_how_clicking_1.html

http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9011339&taxonomyId=17&intsrc=kc_top

http://www.darkreading.com/blog.asp?blog_sectionid=342&WT.svl=blogger1_3

Many of Cisco’s routers are vulnerable to this attack. Story here:

http://www.networkworld.com/news/2007/022007-cisco-says-77-of-routers.html?nlhtbug=0219bug2&company=

Cisco advisory here:

http://www.cisco.com/en/US/products/products_security_response09186a00807e392f.html

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.