Re: exploiting printers, home routers & smb routers

From: Stan Bubrouski (stan@ccs.neu.edu)
Date: 08/22/02 

Date: Thu, 22 Aug 2002 11:45:07 -0400
From: Stan Bubrouski <stan@ccs.neu.edu>
To: chrisd@cissmb.pointclark.net

chrisd@cissmb.pointclark.net wrote:
> I read the black hat presentation on exploiting printers:
>
> http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf
>
> , good stuff & a real eye opener!
>
> I started thinking ..., I'm no hardware expert but couldn't this be
> modified & applied to all the home & small business routers ??? (linksys,
> smc, d-link, etc ...)
>
> As we all know so many of them are:
>
> - can be configured through a web interface
> - their default config is not changed
> - are accessible through inet (lack of config)
> - keep their default accounts (lack of config)
> - new firmware can be uploaded
>
Indeed,

Which is why there are advisories all the time
about such problems in cable modems and routers
and switches. But Netgear RPXXX series routers
etc... do not have the admin interface enabled
on anything but the LAN, nor do most have SNMP
at all. Linksys routers are the same by default,
limited to the LAN for ocnfiguration connections,
althought they have other problems yet to be
addressed. For home DSL/Cable routers the biggest
problem I see at the moment that is still a general
problem is that many come with default logins
and default SNMP communities.

-Stan
> My question, could something similar to exploiting printers be done to
> routers or would the hardware be totally incompatible ?
>
> ch,
>
>
>

Relevant Pages