
SoylentNews is people

posted by n1 on Thursday November 12 2015, @11:48AM
from the air-gap-the-router dept.

A hacked/compromised router is the worst thing that can happen to computer users.

Any computing device (smartphone, tablet, laptop, desktop, refrigerator) sitting behind a compromised router can be attacked in every known way.

Needless to say, a router can be used for spying, not just on normally insecure communications; it is also a perfect host for man-in-the-middle attacks on supposedly secure communication (SSL/TLS/HTTPS).

Compromised routers can send victims to scam versions of websites, a great way to collect passwords. In August, Jeff Atwood wrote about two people whose routers were hacked. One router modified web pages to show extra ads, another tricked a victim into installing a hacked version of the Chrome browser. And, of course, a router can be used to install malware on computers too. Did your last Flash update really come from Adobe? How would you know?


  • (Score: 0) by Anonymous Coward on Thursday November 12 2015, @09:12PM (#262364)

    Actually, you can MITM SSL/TLS. Well, you might not be able to, but I can.

    The other respondent is correct in using the term "captive portal" but web proxies can do similarly. NIDPS and DLP suites can't monitor encrypted traffic, so for companies that actually care about good IT, we MITM every connection. Client tries to connect somewhere, but really the proxy intercepts it, modifies, and retransmits kinda like a much more complicated PAT. The remote server connection is done similarly. Once the actual encrypted channel is up and running, the client side is being decrypted and scanned at the web proxy, then encrypted with the web proxy credentials and sent to the remote server. It all works because the clients trust the local network and trust the corporate servers. Odds are pretty good you have used connections like this many times if you have ever worked in a modern corporate environment.

  • (Score: 0) by Anonymous Coward on Friday November 13 2015, @12:53PM (#262608)

    If you have such a "modern corporate environment", with proxy servers and all, why are you worried that the IT department is run by a grandmother who cannot figure out how to set up the $20 WIFI router connecting the company to the internet?

  • (Score: 2) by darkfeline (1030) on Saturday November 14 2015, @01:32PM (#263235)

    Right, the client has to explicitly trust the MITM server. Why your home router has an SSL cert that is added as a trusted root CA on all of your devices is beyond me.

    --
    Join the SDF Public Access UNIX System today!