Skip to main content

Elsewhere Online: Default Router Passwords Could Compromise Home Networks

Image
By
This Slashdot story points up a vulnerability that some people might have left exposed on their home routers from companies like Linksys, D-Link and NetGear.

Whenever I set up a router, I make sure to reset the default password for that router. This is the password that allows you to setup and change settings within the router, not the password you might use to connect to your wireless network. That said, some of you might still be using the default password.

An exploit has been discovered that allows a malicious web page to access your router setup information, if it still uses the default password, and change settings within the router. Not a good thing.

If you are wondering if your router still has its factory default password, drop me an email at techiq@welchwrite.com and I can give you some instructions that will allow you to test for it.

Drive-By Pharming Attack Could Hit Home Networks

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.

(Via Slashdot.)
Technorati Tags: , , , , , , , , , , ,
Labels:

Comments

Post a Comment

Popular posts from this blog

Microsoft release Outlook.com email services to replace Hotmail

By
Today Microsoft released its new email service Outlook.com to replace its Hotmail brand. This new streamlined Metro interface design looks good and functions well so far. You can use your existing Microsoft account to log in and then choose an email alias (i.e. douglaswelch@outlook.com) for your new email address. Here are several articles that discuss Outlook.com... Goodbye, Hotmail; Hello, Outlook.com [REVIEW]  Outlook Is a Completely New, Feature-Filled Webmail Service from Microsoft Go Get Your @Outlook Email Address Quick Before Someone Else Does I will post links to more articles and reviews as they appear.
Post a Comment
Read more

Tiny Wow - Tools That Solve Your Files Problem - Convert to/from many file formats [Shared]

By
A nice collection of quick, online tools, to convert to and from a variety of file types. Just the site to keep in mind when you need to shuffle one type data into a new system. — Douglas TinyWow & Your Privacy Don't you love finding a great online tool-set that claims to be free, let's you build and interact the way you want, only to be denied access if you don't pay for an account(or sign up for an account). Our site is free. We don't limit. We don't even take sign-ups. Might we take sign-ups one day? Sure, we probably will(but not any time soon). When we do go down that route, what we will NOT do is trick you into spending your time using our tools, only to be denied access before you can download what you have just spent your precious time creating. TinyWow is free. We don't have ads, we don't sell data. We currently have no plans to monetize. Why offer these tools for free? We operate two tech websites: Alphr & TechJunkie. We thought our use
Post a Comment
Read more

TechIQ Gift Guide #15: Sams Teach Yourself Wordpress 3 in 10 minutes

By
#15 Sams Teach Yourself Wordpress 3 in 10 minutes Chuck Tomasi , fellow Friends in Tech member and co-author of Podcasting for Dummies , along with another Friends in Tech member and podcasting partner, Kreg Steppe , have a new book out that would be a great gift for anyone interested in blogging and New Media. Wordpress is my first recommendation when someone wants to get started with blogging, but it can be a little intimidating. It is very powerful and with power comes complexity. That said, this book can help to jumpstart your Wordpress knowledge and help you be productive. There is also a companion podcast to the book, Wordpress in 10, available from the author's web site. From Amazon.com... "Sams Teach Yourself WordPress in 10 Minutes gives you straightforward, practical answers when you need fast results. By working through its 10-minute lessons, you’ll learn everything you need to build great blogs with WordPress and WordPress.org, and reach any audience by web brows
Post a Comment
Read more