Re: exploiting printers, home routers & smb routers

From: Peter Gutmann (pgut001@cs.auckland.ac.nz)
Date: 08/23/02

Previous message: h1kari: "ToorCon Computer Security Conference 2002 Announcement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 23 Aug 2002 14:51:50 +1200 (NZST)
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: chrisd@cissmb.pointclark.net, vuln-dev@securityfocus.com

<chrisd@cissmb.pointclark.net> writes:

>I started thinking ..., I'm no hardware expert but couldn't this be modified
>& applied to all the home & small business routers ??? (linksys, smc, d-link,
>etc ...)

One thing which has always baffled me is why no trojans have yet appeared
which telnet to the default gateway from the compromised box, log on using
default passwords for Cisco, Linksys, Netgear, etc, routers, and disable all
firewalling. This would probably get about 95% of all routers [1].

Peter.

[1] OK, that's a random guess, let's say 99% of all SOHO routers and at least
50% of larger comercial setups.

Previous message: h1kari: "ToorCon Computer Security Conference 2002 Announcement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Firewalls and Wireless Routers
... Even worms, trojans and the like will pass through the routers, because ... their traffic came from within the protected network. ... software firewall would pick up a signature of suspicious activity and alert ...
(microsoft.public.windowsxp.general)
Re: Router firewall
... > routers and all the Belkin routers. ... > Lars M. Hansen ... Not all SOHO routers have SPI that works and I ...
(comp.security.firewalls)