This one’s going to be a little dry, but it’s actually a bit of a public service announcement for friends. For anyone who has a home router appliance (from Linksys, Netgear, D-Link, etc.) on their incoming cable modem/DSL service, double-check that you have changed the administrator password on the box to something other than the default.
Some folks have come up with a successful attack that they term “drive-by pharming,” in which they trick your web browser into logging into your router and changing settings to allow external attacks on your computers. Most SOHO routers are set by default not to allow connections from the outside Internet. However, this attack makes use of your browser, so the attack comes from inside your network (by way of your computer’s browser). The good news is that the attack is completely dependent on you leaving your router set to its default IP address and password. If you change the administrator password, you’re safe.
One reply on “Home router vulnerability”
I have a friend who sniffs for open wireless networks, checks the router for the defaults, looks for the presence of a printer on the network, and then sends a print job to the printer telling the user how to secure their network. :chuckle: