This is why I offer everyone I work with and people I do work for to configure their equipment for them. Most people will buy it, plug it in and go. Very bad idea.
Good for you, Willie
You are a good man.
Actually that's not the
Actually that's not the problem, and of course not a solution either...
The vulnerability is that, via a bug inside the configuration wizard, an attacker can overwrite the current admin password...
So the victim just needs to view a simple image or Flash or iframe, etc., and the modem password will be changed without you even noticing. Obviously, after this the attackers send the necessary commands to add the DNS resolve routes to the fraudulent bank site.
All this, of course, without you even noticing, because like I said before, you just need to open any website and bang! You will be instantly drive-by pharmed.
So it doesn't matter that you have 64 digits with alphanumeric + special chars or a really huge passphrase in order to protect against these attacks, because this is a flaw in the modem. This is a really major issue inside the 2wire modems, and many other manufacturers have the same issues...
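A defender's view of the cross-site request described in the comment above, as an added example that is not part of the original thread: it scans a request log for requests to a LAN device whose Referer is a public website. The log format, the sample lines, the `router.lan` name and the placeholder paths are all constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample log, one request per line: "<client> <method> <url> <referer>"
SAMPLE_LOG = """\
192.168.1.20 GET http://192.168.1.254/index.html -
192.168.1.20 GET http://news.example/story.html -
192.168.1.20 GET http://192.168.1.254/placeholder-path?placeholder=1 http://news.example/story.html
192.168.1.20 GET http://router.lan/placeholder-path?placeholder=1 http://ads.example/banner.html
192.168.1.20 GET http://192.168.1.254/status.html http://192.168.1.254/index.html
192.168.1.20 GET http://cdn.example/logo.png http://news.example/story.html
"""

# Hypothetical local names that resolve to the modem/router on this network.
LOCAL_NAMES = {"router.lan"}


def is_internal(host, local_names=LOCAL_NAMES):
    """True if host is a known local name or a private/loopback/link-local IP literal."""
    if not host:
        return False
    if host.lower() in local_names:
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # an ordinary public hostname
    return ip.is_private or ip.is_loopback or ip.is_link_local


def find_cross_site_hits(log_text):
    """Return (client, referring_site, url) for public-page -> LAN-device requests."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        client, _method, url, referer = parts
        if referer == "-":
            continue  # typed or bookmarked URL, no referring page
        dest = urlsplit(url).hostname
        src = urlsplit(referer).hostname
        # A public page causing a request to the modem is the pattern to flag;
        # the modem's own pages linking to each other are not.
        if is_internal(dest) and not is_internal(src):
            hits.append((client, src, url))
    return hits


if __name__ == "__main__":
    for client, site, url in find_cross_site_hits(SAMPLE_LOG):
        print(f"{client}: page on {site} triggered a request to {url}")
```

A hit shows only that a public page reached for the device; whether the device accepted the request depends on the firmware flaw the comment describes.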
Not the UPnP vulnerability then?
So this attack is dependent on factory password authentication and not a result of the well-publicised UPnP vulnerability, which of course requires nothing other than UPnP to be enabled, which is a default setting on most home routers and access points?
Sounds to be similar
Sounds to be similar to:
http://blog.trendmicro.com/targeted-attack-in-mexico-dns-poisoning-via-modems/
People must learn to change
People must learn to change their router's password and take this security risk seriously.
Router Passwords
I have an idea.
What if the routers came from the vendor, pre-configured with a default password, one that involved say the serial number of the device? It would be unique, it would be immediately available to the user. If the user wanted to change it or remove it, then that was HIS business.
Not great, but better than "password" or no password at all.
Targeted Attack in Mexico: DNS Poisoning via Modems
http://blog.trendmicro.com/targeted-attack-in-mexico-dns-poisoning-via-modems/
User set up vs. Admin
Routers are new to me... But I learned that my USER ID & PWD in my router are set by my ISP... no way to manage that except routinely ask them for a new install?
Then I learned that the "Router PWD" CAN be managed by me. No one said that as I installed the Linksys router...
So, changing the Router PWD is about all I can do re: disarming the 'Pharmers', right?
Cheers,