SUBSIM Radio Room Forums - Router insecurity

SUBSIM Radio Room Forums (https://www.subsim.com/radioroom/index.php)

- PC Hardware/Software forum (https://www.subsim.com/radioroom/forumdisplay.php?f=235)

- - Router insecurity (https://www.subsim.com/radioroom/showthread.php?t=129036)

Router insecurity

Figured I'd mention this - either turn off uPnP on your router, surf with Firefox and upgrade your flash for it manually, or if you still need uPnP, make sure your router is not at the default address of 192.168.0.1. Part of this hack has a bit of a snag in that they must either guess, or brute force your routers IP address. If it is not at the default of 192.168.0.1, then it makes it difficult to implement.

-S

Quote:

Most home routers 'vulnerable to remote take-over'

Universal plug and prey

Security mavens have uncovered a design flaw in most home routers that allows attackers to remotely control the devices by luring an attached computer to a booby-trapped website.

The weakness could allow attackers to redirect victims to fraudulent destinations that masquerade as trusted sites belonging to banks, ecommerce companies or health care organizations. The exploit works even if a user has changed the default password of the router. And it works regardless the operating system or browser the computer connected to the device is running, as long as it has a recent version of Adobe Flash installed.

"This is a huge problem," Adrian Pastor, of the prolific hacking organization GNUCitizen, said in an instant message.

The problem resides in Universal Plug and Play, a feature built in to most routers used for home networks so machines running games, instant messaging programs and other applications will work seamlessly with the devices. By exposing an end user to a malicious Flash file lurking on a website, attackers can use UPnP, as the technology is usually called, to make significant modifications to the router.

The most serious change that's possible is changing the the server PCs connected to the router use to access websites. That might cause a victim trying to access eBay or Bank of America to see spoofed pages that steal their login credentials.
The hack could also allow attackers to open ports on a victim's router. That would be useful in turning a router into what would amount to a zombie machine by forwarding ports to an external server.

The weakness, which works using the navigatetoURL function and URLRequest object specified in Flash, isn't a security flaw within Flash, the researches say. Rather they are design flaws in UPnP, which doesn't use authentication. PCs using virtually any platform and browser will change router settings, as long as they run version 8 or higher of Flash.

Routers made by Linksys, Dlink and SpeedTouch have been confirmed to be vulnerable, and other manufacturers' products are also likely susceptible to attack, the researchers said. Most routers have UPnP turned on by default. The only way to prevent the attack is to turn the feature off, something that is possible with some, but not all, devices.

Great, just what I need.
Though I do use FireFox with NoScript running constantly - even Subsim.com only has scripts 'partially allowed... google-analitics.com and googlesyndication.com and quantserve.com are forbidden in my settings.
Just about everywhere else is blocked too... all of the crap on youtube, plus other flash media and advertising and other embedded links. At least that's how I think it works.

I seem to remember having to check to see if UPnP was enabled on my router fairly recently. Some gaming thing I believe.

Glad im one of those assinie people who run a firewall behind the router. :rotfl:

Quote:

Originally Posted by Ducimus

Glad im one of those assinie people who run a firewall behind the router. :rotfl:

Make that two. :D

correction... 3 :smug:

A firewall won't do you a whole lot of good in this scenario since uPnP is allowed to punch holes and open up ports in it if you allow it to operate properly.

Sorry for the bad news.

-S

PS. This is why professional firewalls like Monowall will not even allow uPnP and they have no plans to support it.

I also do not use IE.

IE, is like fitting a submarine with a screen door.

edit:

BTW, ive always loved this site:
http://www.grc.com/default.htm

Quote:

Originally Posted by Ducimus

I also do not use IE.

IE, is like fitting a submarine with a screen door.

edit:

BTW, ive always loved this site:
http://www.grc.com/default.htm

Firefox is also vulnerable if you do not manually upgrade its flash to the latest version.

-S

hmm, how do I do that... automatic update ie. 'you need latest version to view content' message has failed to 'update' in the past... with no link to 'install this file manually' :-?

Do you just dl the installer ?
http://plugindoc.mozdev.org/windows.html#Flash

Quote:

Originally Posted by jumpy

http://fpdownload.macromedia.com/get...ash_player.exe

The above link is to install the latest.

This link is to show you what version is currently running - http://kb.adobe.com/selfservice/view...nalId=tn_15507

9.0.115.0 combined with Firefox is the immune version.

-S

Thanks mate. :up:

Quote:

your player version: WIN 9,0,28,0

It would appear that I am somewhat behind the times... :lol:

Quote:

Originally Posted by jumpy

Thanks mate. :up:

Quote:

your player version: WIN 9,0,28,0

It would appear that I am somewhat behind the times... :lol:

Yep - upgrade already. :up:

-S