Home Router Password Alert!
If you're running any sort of home router, it's time to change its password - NOW! Bruce Schneier's security blog carries details of a just-released drive-by pharming attack of breathless simplicity with potentially disastrous results;
First, the attacker creates a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user's home broadband router, and then attempts to change its DNS server settings to point to an attacker-controlled DNS server. Once the user's machine receives the updated DNS settings from the router (after the machine is rebooted) future DNS requests are made to and resolved by the attacker's DNS server.
And then the attacker basically owns the victim's web connection.
The main condition for the attack to be successful is that the attacker can guess the router password. This is surprisingly easy, since home routers come with a default password that is uniform and often never changed.
The proof-of-concept code lists attacks on Linksys, D-Link and NETGEAR home routers, and Cisco have confirmed that 77 of their routers are vulnerable.
PC World is New Zealand’s top selling computing and technology magazine.
Comments
Shit I could be a drive-by spammer without knowing it just because I'm to lazy to properly sort my router. It's not surprising though, I only ever read a manual if I can't get it working by myself and then I only read enough to get me over whatever the prob that's holding me up in my install. I guees I'm not alone though. Sorry for any spam that may have come through me guys I'll try to try harder.
Posted by: Adam | March 3, 2007 7:05 PM