Firewall Wizards
mailing list archives
Re: Home/SOHO "Firewall" Routers
From: Vin McLellan <vin () theworld com>
Date: Wed, 09 Jun 2004 15:15:08 -0400
At 6/9/2004, Jim wrote:
>[...] I've identified four likely candidates and am wondering if
>anybody on the list has had any experiences with any of these
>devices and would care to render an opinion. The candidate
>products are (so far):
>
>. LinkSys BEFSX41
>. D-Link DI-804HV
>. Netopia 3386-ENT
>. SMC 7004VBR
>
>The most important characteristics would be, of course, how
>good are their security records, degree of configurability
>(ingress/egress packet filtering) and reliability (saw one
>complaint about one of them that, when some of the advanced
>filtering stuff was activated, it crashed regularly). Also of
>interest are ease of interfacing with a variety of residential
>broadband service types (DHCP, PPPoE), performance
>(throughput), and any experiences with the manufacturer's
>technical support department.

It's been hard to miss some recent data points about security at
that end of the industry....

1. Linksys WiFi Gateway Remote Attack Risk
Slashdot URL: <http://tinyurl.com/yuh8j>
"According to InternetNews.com, a tech consultant discovered that even if
you turn the remote administration feature off on a Linksys WRT54G -- the
single bestselling Wi-Fi device in the world -- you can still remotely
access it through ports 80 and 443. Linksys sets the HTTP username to
nothing and password to 'admin' on all of its devices by default. Web site
scanning from anywhere in the world to devices that have routable
Internet-facing addresses would allow script kiddie remote access, at which
point you could flash the unit with new firmware, extract the WEP or WPA
key, or just mess up someone's configuration and change the password."

2. Netgear's silly fix for Netgear Router backdoor
Slashdot URL: <http://tinyurl.com/2ffcf>
An anonymous reader writes "Recently Slashdot reported that the Netgear
router has a WLAN backdoor. According to this report by the news service
of the German publisher Heise, Netgear "fixed" the problem with a firmware
update. And what is the fix? According to Heise, they didn't remove the
backdoor at all. Instead they just changed the login information! They
replaced the old user name 'super' with 'superman', and changed the old
password to '21241036'."

3. Belkin Routers route user to Censorware Ad
Slashdot URL: <http://tinyurl.com/ysdd4>
The Register has a story today about Belkin routers redirecting their
users' network traffic. To me, this seems like the logical next step after
top-level domain name servers piping ads to your browser. Now the routers
themselves hijack the traffic they are supposed to, uh, route -- and you'll
love where they send you instead. But it's OK because you can opt out.
Incidentally, the Crystal Ball Award goes to Seth Finkelstein, who in 2001
quoted John Gilmore's famous aphorism about the internet, and asked "What
if censorship is in the router?"
_Vin
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards