
Elsewhere Online: Default Router Passwords Could Compromise Home Networks

This Slashdot story points up a vulnerability that some people might have left exposed on their home routers from companies like Linksys, D-Link and NetGear.

Whenever I set up a router, I make sure to reset the default password for that router. This is the password that allows you to set up and change settings within the router, not the password you might use to connect to your wireless network. That said, some of you might still be using the default password.

An exploit has been discovered that allows a malicious web page to access your router setup information, if it still uses the default password, and change settings within the router. Not a good thing.

If you are wondering if your router still has its factory default password, drop me an email at techiq@welchwrite.com and I can give you some instructions that will allow you to test for it.

Drive-By Pharming Attack Could Hit Home Networks

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.

(Via Slashdot.)
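
Because the attack described above ends with the router pointing at DNS servers the owner never chose, one client-side check is to audit which resolvers a machine has actually been handed. The following Python script is an added example, not part of the original post or the Slashdot story; the `TRUSTED_PUBLIC` list and the sample resolv.conf text are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: public resolvers this household deliberately configured.
TRUSTED_PUBLIC = {"9.9.9.9"}

# Address ranges that can only be the router or the machine itself.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def parse_nameservers(resolv_text):
    """Return the nameserver entries from resolv.conf-style text."""
    servers = []
    for line in resolv_text.splitlines():
        # Drop '#' and ';' comments, then look for 'nameserver <addr>'.
        parts = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def audit_nameservers(resolv_text, trusted_public=TRUSTED_PUBLIC):
    """Map each resolver to 'local', 'trusted', 'unexpected' or 'invalid'."""
    findings = {}
    for raw in parse_nameservers(resolv_text):
        try:
            addr = ipaddress.ip_address(raw.split("%", 1)[0])  # strip IPv6 zone id
        except ValueError:
            findings[raw] = "invalid"
            continue
        if any(addr in net for net in LOCAL_NETS):
            findings[raw] = "local"
        elif str(addr) in trusted_public:
            findings[raw] = "trusted"
        else:
            findings[raw] = "unexpected"  # public resolver nobody chose
    return findings

# Constructed sample: what a DHCP lease from a tampered router might produce.
SAMPLE = """\
# constructed sample
nameserver 192.168.1.1
nameserver 9.9.9.9
nameserver 203.0.113.66   # documentation-range address, stands in for an unknown server
nameserver fe80::1%eth0
nameserver not-an-ip
search lan
"""

if __name__ == "__main__":
    for server, verdict in audit_nameservers(SAMPLE).items():
        print(f"{server:20} {verdict}")
```

A router that forwards DNS queries itself still shows up as a local address here, so the DNS server setting on the router's own admin page needs the same comparison.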