Skip Links

Network World

Jim Duffy

Cisco responds to Black Hat's Million Router Hacker

Company posts ways to prevent DNS rebinding attack on Linksys routers

By Jim Duffy on Tue, 07/27/10 - 5:23pm.

Cisco has posted a blog entry in response to the talk being delivered this week at Black Hat on hacking millions of consumer routers. We blogged on this talk two weeks ago

Basically, the presenter claims that a DNS rebinding technique can be used by an attacker to infiltrate the router and take control of a user's Web browser to invade internal files and applications. The technique makes Cisco Linksys WRT routers vulnerable, as well as those from ActionTec, Asus, Belkin, Dell and Thompson. 

But Cisco, in this week's blog post, claims users can protect themselves from the hack by changing some of the default settings on their Linksys WRT router:

We've tried to reach the researcher for a chat, but based on existing information doing any of these following steps on your Linksys WRT model router will help provide security:

WRT models ship with default settings that are known to anyone who uses the same router, Cisco says in the post. So changing the default password and SSID will help prevent the DNS rebinding attack.

Linksys E-Series and the new Valet home routers are not susceptible to the DNS rebinding vulnerability because software on these models establish new SSIDs and passwords automatically during initial setup. Cisco says.

More from Cisco Subnet:

 

All of today's Cisco news and blogs

Cisco wants to be the standard

Wendell Odom: Tons of Answers at Networkers

Forget Apple. RIM should fear Cisco's Cius

Why You Can No Longer Afford to Consider Presence an Optional Component

The Next Generation of Routing Architecture

Hands on with the Android tablet "Cius" that Cisco announced at Cisco Live

High Availability, Headless Communists, and Other Random Thoughts from Networkers

Lieberman Cybersecurity Bill Could Change IT Procurement

Like RSS readers? Subscribe to the Cisco Subnet RSS feed

 

Follow all Cisco Subnet bloggers on Twitter.
Follow Jim Duffy on Twitter

 

About The Cisco Connection

The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.

Follow Jim Duffy on Twitter

 

Most Discussed Posts