Sunday, February 18th 2007

Computer routers face hijack risk:

Researchers at both Symantec Corp. and the University of Indiana say routers are at risk of highjacking. The research found that router users are succeptable to hijacking of their hardware through malicious code hiding in specially crafted websites that could change settings on the network devices and begin phishing attacks. These attacks are very dangerous to users an example givin by cbc.ca states, "For example, a person could enter the correct address of their bank's website into their web browser but they would be taken to a fake site designed to steal their banking information." The scary thing is that this particular type of attack works on The on all major consumer routers, including routers made by Linksys, Belkin, Netgear and D-Link, but only after a user on that device visited a specially crafted web page for it to work.Source: cbc.ca
Add your own comment

31 Comments on Computer routers face hijack risk:

#1
Shyska
what do you think a gateway is? :laugh:
Posted on Reply
#2
Easy Rhino
Linux Advocate
Shyska said:
what do you think a gateway is? :laugh:
why not explain it to me then.
Posted on Reply
#3
Shyska
http://en.wikipedia.org/wiki/Gateway#Computer_Terminology

* Gateway, in networking technology, is a node that serves as an entrance to another network, and vice-versa. This is, in fact, an earlier name for Routers and both actually focus on the same concept - that is, hardware or software that routes (and filters) data coming through it. This retronym, however, now describes the same hardware or software technology that are mostly implemented in corporate enterprises that not only does routing and filtering of data, but also can include added routing, proxy functionality, as well as being advanced as to have Antivirus software scanning and filtering capabilities.

in short - a gateway is always a router.
Posted on Reply
#4
Easy Rhino
Linux Advocate
Shyska said:
http://en.wikipedia.org/wiki/Gateway#Computer_Terminology

* Gateway, in networking technology, is a node that serves as an entrance to another network, and vice-versa. This is, in fact, an earlier name for Routers and both actually focus on the same concept - that is, hardware or software that routes (and filters) data coming through it. This retronym, however, now describes the same hardware or software technology that are mostly implemented in corporate enterprises that not only does routing and filtering of data, but also can include added routing, proxy functionality, as well as being advanced as to have Antivirus software scanning and filtering capabilities.

in short - a gateway is always a router.
yes i know what a gateway is and i know the difference from a router. i want to know how they are able to acess the 'router' when it is in gateway mode.
Posted on Reply
#5
Shyska
i want to know how they are able to acess the 'router' when it is in gateway mode.
Getting access to router acting as router or router acting as a gateway is the same (there might be exceptions, ofc).

But i think i got what you want to say - that your PC's have static DNS server adresses. In that case hijacking router's DNS settings wouldn't wield any results.
Posted on Reply
#6
Alec§taar
A WORKAROUND & SPEEDUP + SECURITY method within: Take a read...

Shyska said:
But i think i got what you want to say - that your PC's have static DNS server adresses. In that case hijacking router's DNS settings wouldn't wield any results.
I can, for certain, tell you there is a sort of "protective & yet performance adding workaround" for not being able to access your DNS (domain name servers) for URL -> IP Address resolutions...

It's one that gains you added SPEED & SECURITY, right here & I use it, & now many others do on these forums & like it... take a read:

Why use an ADBANNER BLOCKING HOSTS file? Here is why:

http://forums.techpowerup.com/showthread.php?t=25937

:)

* It works, as far as if you can't get a valid DNS resolution for URL's you go to as your 'favorite sites', & get hijacked this way (turning off javascript will help too, because it's probably how this hijack works largely & why I've been turning it off for years in my browsers on the public internet)?

This 'blows you by that'...

(& that is just a 'side-effect' of its primary purpose really, which is the secure you online against malware payload bearing adbanners, & to speed you up for the ISP/BSP linetime access YOU PAY FOR, by not loading adbanners period, & to speed up access to your fav. sites IF you choose to make it active for that (I don't ship it THAT way, that part you have to make active yourself, because your fav. sites are not the ones I go to possibly, in my examples list in the file)).

Besides, even protecting YOURSELF & YOUR ROUTER, if you depend on remote DNS servers? Might not always be the 'end all do all' because the ROOT DNS SERVERS ARE UNDER ATTACK (usually are, all 13), see here:

DNS Root Server under attack:

http://it.slashdot.org/article.pl?sid=07/02/06/2238225

My methods also helps to alleviate THAT problem as well, to fav. sites you go to, should you choose to make that part of the file I put out here, active, by yourself doing it & leveraging that feature in it.

APK

P.S.=> Enjoy... it works! See others' estimations of it (around 15-20 others here by now) in the thread, & judge for yourselves.

ALL I know is, for this particular thing? Heck, who cares if my DNS "goes down" or "gets hijacked"?? I am NOT using it for my favorite sites list I put into this file... I get to them anyhow, & to their RIGHT IP Address, no DNS required... & faster/safer, period... apk
Posted on Reply