Skip to main content

Why You Need to Change Your Broadband Router Password

In this article, Sid Stamm, Zulfikar Ramzan, and Markus Jakobsson have developed a clever, and potentially devastating, attack against home routers. If you are using these mentioned routers in your office, it's time to change that default password.

So how does it work? First, the attacker creates a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user's home broadband router, and then attempts to change its DNS server settings to point to an attacker-controlled DNS server. Once the user's machine receives the updated DNS settings from the router (after the machine is rebooted) future DNS requests are made to and resolved by the attacker's DNS server.

And then the attacker basically owns the victim's web connection.

The main condition for the attack to be successful is that the attacker can guess the router password. This is surprisingly easy, since home routers come with a default password that is uniform and often never changed.

They've written proof of concept code that can successfully carry out the steps of the attack on Linksys, D-Link, and NETGEAR home routers. If users change their home broadband router passwords to something difficult to guess, they are safe from this attack.

Additional details (as well as a nifty flash animation illustrating it) can be found here. There's also a paper on the attack. And there's a Slashdot thread.

Cisco says that 77 of its routers are vulnerable.

Note that the attack does not require the user to download any malicious software; simply viewing a web page with the malicious JavaScript code is enough.

Comments

Popular posts from this blog

From Toilet Cleaner to CEO

On 22-April-2012, my entrepreneurship journey story was published by The Sunday Times in Singapore by Mr. Wong Kim Hoh








































Making Optimum Choices in Life

I was asked by one of my business mentees I am currently mentoring, "How do I make the most optimum choice in life when I am bombarded with possibilities all the time?"Life is full of choices. This choice, that choice, both choice or none of the above. THAT's a whopping 4 choice!  Choice can open the door to a whole new possibilities, not only at cross-roads on our path in life, but in each moment, giving us access to the bountiful of possibilities with which we can paint our world any way we want it to be.  We can choose a new action, thought or feeling at any time, and create an entirely new reality as a result.  Every choice has an impact or consequence, to a greater or lesser extent, each one like a pebble dropped in a pond; the ripples, the ramifications, spreading out into your future and other areas of your life. Even one small choice made today that shifts your life by a minor degree can take you to an entirely different future than the one you are heading, opening …

The 4 Essentials of Effective Leadership

I read this article written Mark Raciappa, ActionCOACH and I totally agree. His communication is clear, concise and it resonated with me. Mark says;
I remember a bumper sticker: “Either Lead or Follow—But Get Out of the Way!”
Interestingly, in my company, I say something similar and it goes like this "If you can lead, lead. If you can't lead, follow. If you cannot lead or follow, get out of my way!
Mark continued to write that, when our role calls for the former, here are 4 important things to keep in mind:1. Great leaders communicate. Realizing that good communication is a 2-way street, we must be responsible for our part. That being said, true communication is the response that you get. Whatever form you choose (verbal, mail, e-mail, etc), if you don’t get the outcome you seek (from a “willing” recipient), the responsibility lies with the sender. Great leaders confirm, gain commitment, and solicit feedback to improve the process.2. Great leaders make decisions. Far too ofte…