SoylentNews is people
SoylentNews
from the flash-alternate-router-firmware-for-protection dept.
janrinok writes "A recent survey carried out by Tripwire, reported by the BBC, claims that "80% of the 25 best-selling routers available on Amazon are vulnerable to compromise". Security researcher Craig Young from Tripwire said exploits had been publicly discussed and published for more than one-third of these devices.
In a separate report, the Internet Storm Center (ISC) warned about a continuing attempt to exploit a vulnerability in 23 separate models of Linksys routers. A worm, called 'The Moon' is compromising Linksys routers and then scans for other potentially vulnerable systems. So far, wrote ISC researcher Johannes Ullrich in his blogpost, it is not clear why the routers are being compromised and what might be done with them. There are hints in the exploit code that the routers will at some point be gathered together into a network of compromised machines. Currently, he added, all the worm was doing was spreading to other Linksys routers.
The reason for the current European concern is a recent large scale attack on home routers in order to gather usernames and passwords for online bank accounts, reported by the Polish Computer Emergency Response Team (CERT) and elsewhere."
(Score: 2, Informative) by lennier on Monday February 24 2014, @04:01AM
It looks like the 80% "research" is paywalled, or at least spamwalled. This page is as close as I could get [tripwire.com], but I'm not giving them my email address just to read a vague assertion.
Delenda est Beta
(Score: 2, Informative) by drgibbon on Monday February 24 2014, @04:33AM
Try this [guerrillamail.com].
Certified Soylent Fresh!
(Score: 3, Informative) by Jerry Smith on Monday February 24 2014, @04:56PM
I did.
1. Don’t enable remote management over the Internet.
2. Passwords matter.
3. Don’t use the default IP ranges.
4. Don’t forget to log out after con- figuring the router.
5. Turn on encryption and turn off WPS.
6. Keep the router firmware up-to-date.
God I felt belittled...
All those moments will be lost in time, like tears in rain. Time to die.
(Score: 2, Interesting) by drgibbon on Tuesday February 25 2014, @01:02AM
Seems to be pretty standard stuff. Is number 3 referring to DHCP ranges?
Certified Soylent Fresh!
(Score: 1) by Jerry Smith on Tuesday February 25 2014, @06:51AM
Yep, 84% of the home routers is still default and 45% of the business routers, that's what is says in Fig. 4. That's ALL it says in Fig. 4: a pie chart with yes and no.
3. Don't use the default IP ranges. Predictable addresses make CSRF attacks easier (Fig. 4). Rather than 192.168.1.1, consider 10.9.8.7 or something else which is not commonly used. This is a simple but effective technique for decreasing the likeli- hood of a successful CSRF attack.
All those moments will be lost in time, like tears in rain. Time to die.
(Score: 2) by janrinok on Monday February 24 2014, @02:41PM
As the original poster, I can assure you that there was once a decent page on the end of that link!
I can only assume that, with the increase in traffic caused by SN (Yippee!), they have tried to 'monetize' the opportunity. Perhaps all that is simply wishful thinking...