All times are UTC - 4
Your Router's Security Stinks
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Fri 19 Oct 2018, 17:59    Post subject: Your Router's Security Stinks
Subject description: How to Fix It
 

https://www.tomsguide.com/us/home-router-security,news-19245.html

Routers are the essential but unheralded workhorses of modern computer networking, yet few home users realize they are computers, with their own operating systems, software and vulnerabilities.

Most gateway routers used by home customers are profoundly not secure, and some routers are so vulnerable to attack that they should be thrown out.

"If a router is sold at [an electronics chain], you don't want to buy it," independent computer consultant Michael Horowitz said in a presentation. "If your router is given to you by your internet service provider [ISP], you don't want to use it either, because they give away millions of them, and that makes them a prime target both for spy agencies and bad guys."

Horowitz recommended that security-conscious consumers instead upgrade to commercial routers intended for small businesses, or at least separate their modems and routers into two separate devices. (Many "gateway" units, often supplied by ISPs, act as both.) Failing either of those options, Horowitz gave a list of precautions users could take.


If you are the tech-savvy individual in your house, do not fail to read this from start to finish to help your family stay secure online.

Further reading :
https://routersecurity.org/
https://www.ipaddress.com/articles/change-ip-address
https://www.vpnranks.com/how-to-protect-wi-fi-network/
Brute force and dictionary attacks
https://www.techrepublic.com/article/brute-force-and-dictionary-attacks-a-cheat-sheet/
Home Network Security
https://www.us-cert.gov/ncas/tips/ST15-002
Routersploit
https://linuxsecurityblog.com/2019/09/26/exploiting-routers-with-routersploit/#search-container

Video tutorial (in french) :
Comment sécuriser votre "Box"
https://invidio.us/watch?v=J08AFSkqQnE

Last edited by labbe5 on Thu 26 Sep 2019, 15:39; edited 4 times in total
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Thu 29 Nov 2018, 08:08    Post subject: Germany proposes security guidelines for routers

Online criminals have woken up to the power they can exert through hijacking large numbers of routers into botnets, launching devastating distributed denial-of-service (DDoS) attacks, stealing WiFi credentials, or changing DNS settings to make unwanted pop-up ads continually appear.

Time and time again users have been warned that their routers are vulnerable because of a software flaw, or because they shipped with weak default passwords.


Guidelines : https://www.bitdefender.com/box/blog/iot-news/germany-proposes-security-guidelines-routers-not-everybody-happy/#new_tab
s243a

Joined: 02 Sep 2014
Posts: 2129

Posted: Thu 29 Nov 2018, 12:43    Post subject: Re: Germany proposes security guidelines for routers

labbe5 wrote:
Online criminals have woken up to the power they can exert through hijacking large numbers of routers into botnets, launching devastating distributed denial-of-service (DDoS) attacks, stealing WiFi credentials, or changing DNS settings to make unwanted pop-up ads continually appear.

Time and time again users have been warned that their routers are vulnerable because of a software flaw, or because they shipped with weak default passwords.


Guidelines : https://www.bitdefender.com/box/blog/iot-news/germany-proposes-security-guidelines-routers-not-everybody-happy/#new_tab


It sounds like they are blaming the user rather than the manufacturer for poor router security. This sounds odd to me.
nosystemdthanks


Joined: 03 May 2018
Posts: 694

Posted: Thu 29 Nov 2018, 12:58    Post subject: Re: Germany proposes security guidelines for routers

s243a wrote:

It sounds like they are blaming the user rather than the manufacturer for poor router security. This sounds odd to me.


i think when you start a dd-wrt router, it encourages you to change the default password. they should all do that.

blaming the user isnt the best route, the best route is better security. but they know this. im not saying every manufacturer cares-- i dont think cisco cares, or they wouldnt help the chinese government be monstrous. if they dont ship the way they do, im guessing they will lose business to people that do. and users are kind of to blame for that.

pointing this out isnt as good as good security by default, but it does encourage people to practice better security. default passwords are a common point of attack for routers. then again, they could have done those too with better security. but even that wouldnt be as good as people choosing good practices.

counterargument: if every router told you to change your password the first time you used it, many would have even weaker passwords. counter-counterargument-- unless they required password strength-- counter-counter-counterargument: which brings us back to the part about competing routers that would sell better. they already create security updates. but most people dont use them. you dont want automated firmware updates. windows 10 does that. keeping it secure by default = risk of bricking by default. automated firmware updates could also be hijacked for installing malware. its not a simple problem to solve. the beginning of security is good design, but even if its your primary goal, bad laws and irresponsible users are going to come into play at some point regardless of the design.

_________________
"microsoft is unique among proprietary software companies: they are the only ones who have actively tried to kill [floss]. it’s not often someone wants to be your friend after trying to kill you for ten years" -- bradley m. kuhn
belham2

Joined: 15 Aug 2016
Posts: 1677

Posted: Thu 29 Nov 2018, 15:11    Post subject: Re: Germany proposes security guidelines for routers

nosystemdthanks wrote:
s243a wrote:

It sounds like they are blaming the user rather than the manufacturer for poor router security. This sounds odd to me.


i think when you start a dd-wrt router, it encourages you to change the default password. they should all do that.

blaming the user isnt the best route, the best route is better security. but they know this. im not saying every manufacturer cares-- i dont think cisco cares, or they wouldnt help the chinese government be monstrous. if they dont ship the way they do, im guessing they will lose business to people that do. and users are kind of to blame for that.

pointing this out isnt as good as good security by default, but it does encourage people to practice better security. default passwords are a common point of attack for routers. then again, they could have done those too with better security. but even that wouldnt be as good as people choosing good practices.

counterargument: if every router told you to change your password the first time you used it, many would have even weaker passwords. counter-counterargument-- unless they required password strength-- counter-counter-counterargument: which brings us back to the part about competing routers that would sell better. they already create security updates. but most people dont use them. you dont want automated firmware updates. windows 10 does that. keeping it secure by default = risk of bricking by default. automated firmware updates could also be hijacked for installing malware. its not a simple problem to solve. the beginning of security is good design, but even if its your primary goal, bad laws and irresponsible users are going to come into play at some point regardless of the design.



Irresponsible, lazy users not taking the extra 15 mins to set up a new, 12+ character---special and otherwise---length password for their router's login nor setting up a decent WPA2 password......vs........ irresponsible, lazy ISPs where they keep demanding backdoor administrative access to all their routers that they have put out to most of their customers, which is the Achilles heel of everything they do.

Until a better solution comes along, it pays to make yourself not irresponsible, not lazy, and also overcome your ISP by putting their unit in bridge-mode (which all current routers in the world allow, AFAIK) and setting up & using your own hardened router (commercial-level, dd-wrt, tomato and/or a combo of these, along with dedicated guest wifi networks, different subnets, and more).

Jmho....
nosystemdthanks


Joined: 03 May 2018
Posts: 694

Posted: Thu 29 Nov 2018, 16:03    Post subject: Re: Germany proposes security guidelines for routers

belham2 wrote:
vs........ irresponsible, lazy ISPs where they keep demanding backdoor administrative access to all their routers that they have put out to most of their customers, which is the Achilles heel of everything they do.


no disagreement there, none at all.

Quote:
Until a better solution comes along, it pays to make yourself not irresponsible, not lazy, and also overcome your ISP by putting their unit in bridge-mode (which all current routers in the world allow, AFAIK) and setting up & using your own hardened router (commercial-level, dd-wrt, tomato and/or a combo of these, along with dedicated guest wifi networks, different subnets, and more).


beyond the capability of most users, but very good advice.

_________________
"microsoft is unique among proprietary software companies: they are the only ones who have actively tried to kill [floss]. it’s not often someone wants to be your friend after trying to kill you for ten years" -- bradley m. kuhn
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Mon 10 Dec 2018, 19:26    Post subject: Router Hardening Checklist
Subject description: for Cisco Routers/Switches in 10 Steps
 

A compromised router for example can be devastating to the whole security of the enterprise since it can be used to gain access to data, reconfigured to route traffic to other destinations, used to launch attacks to other networks, used to gain access to other internal resources etc. Therefore, hardening the network devices themselves is essential for enhancing the whole security of the enterprise.
Source : https://www.networkstraining.com/cisco-router-switch-security-configuration-guide/
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Wed 12 Dec 2018, 15:03    Post subject: RouterCheck
Subject description: the first consumer tool for protecting your home router
 

RouterCheck is the first consumer tool for protecting your home router, which is the gateway to your home network. Your home router is the computer in your home with the least protection, but the greatest vulnerability. If it is attacked, all the devices connected to your router are at risk. RouterCheck is like an anti-virus system for your router. It protects your router from hackers around the world, who have begun to target and attack routers.
https://www.routercheck.com/

What is RouterCheck :

RouterCheck is a system for ensuring the well-being of your router and home network. It’s offered as a smartphone app, but is far more than just a simple smartphone app. RouterCheck communicates with a powerful server that helps to check whether your router is vulnerable to any of the latest attacks that hackers are launching.
http://www.routercheck.com/what-is-routercheck/

Further reading :
This site actively determines the DNS servers that your computer uses by observing how your DNS requests are processed on the internet.
http://www.whatsmydnsserver.com/

Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by carrying out DNS hijacking
https://securityaffairs.co/wordpress/75282/cyber-crime/dns-hijacking-brazil.html
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Fri 21 Dec 2018, 18:14    Post subject: Down With UPnP

https://www.wired.com/story/upnp-router-game-console-vulnerabilities-exploited/

Over the last decade, reports have increasingly detailed the flaws and vulnerabilities that can plague insecure implementations of a set of networking protocols called Universal Plug and Play. But where these possibilities were largely academic before, Akamai found evidence that attackers are actively exploiting these weaknesses not to attack the devices themselves, but as a jumping off point for all sorts of malicious behavior, which could include DDoS attacks, malware distribution, spamming/phishing/account takeovers, click fraud, and credit card theft.

To pull that off, hackers are using UPnP weaknesses in commercial routers and other devices to reroute their traffic over and over again until it's nearly impossible to trace. This creates elaborate "proxy" chains that cover an attacker's tracks, and create what Akamai calls "multi-purpose proxy botnets."
peterw

Joined: 19 Jul 2006
Posts: 365
Location: UK

Posted: Sun 23 Dec 2018, 13:40    Post subject: Are all ISP provided modem routers insecure?

Just to throw in an argument for ISP provided modem routers. ISPs have got a lot more responsible over the years and their equipment now has much better security. For example, for the last 3 and maybe 6 years the modem routers provided by the ISPs I know about, have come with individual random passwords already pre-installed so that if the user is too lazy or does not know how to change it then it will take a good while for any hacker to try all the random combinations they come with. And I have noticed that my ISP has updated the firmware without me requesting that.
belham2

Joined: 15 Aug 2016
Posts: 1677

Posted: Mon 24 Dec 2018, 07:02    Post subject: Re: Are all ISP provided modem routers insecure?

peterw wrote:
Just to throw in an argument for ISP provided modem routers. ISPs have got a lot more responsible over the years and their equipment now has much better security. For example, for the last 3 and maybe 6 years the modem routers provided by the ISPs I know about, have come with individual random passwords already pre-installed so that if the user is too lazy or does not know how to change it then it will take a good while for any hacker to try all the random combinations they come with. And I have noticed that my ISP has updated the firmware without me requesting that.


There is one major--or "massive"---downside to ISPs having access to your router without you being able to turn it off. Hackers have turned their attention onto the ISPs themselves, and are attacking, constantly attacking, employees of the ISPs using social media tricks, email tricks, even cellphone messaging tricks.

Why?

All they need is one compromise, into the ISP's systems and back doors (thru an ISP employee)---JUST ONE----and then those hackers have access/control to literally however many thousands/millions of customers that ISP may have. If a person thinks this battle isn't currently happening and/or ongoing, then you also believe that Equifax & others have never been compromised. Ask yourself, which side do you think will win over the next few years? Honestly, it is not even close, as hackers, especially $$$-sponsored hackers, will find a way in with the way the "human" (Customer Service-Help Desks-Employee-Collabs) are set up at ISP providers worldwide.

It is a spooky thought, and something that ISPs haven't yet fully grasped. They still approach "remote-administration-of-their-routers" as a savings $$$ vehicle. Savings as in no technician ever needs travel to the house.

Until ISPs flip their mindset and start approaching "remote-administration" as a first "SECURITY" aspect, and build their internal/back-end and customer-interaction-end systems as such, I will do my best to always use my own routers that forbid access to/by the ISP (and/or anyone) and also I, and I alone, will be responsible for updating & maintaining it.

I believe this "mindset flip" day will come, but not without some serious breaches first occurring in a few major ISPs with regards to this "remote-administration" where users cannot disable it and/or turn it off.
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Sat 19 Jan 2019, 18:15    Post subject: WPA2
Subject description: WPA2 wireless security cracked
 

This wireless security system might now be breached with relative ease by a malicious attack on a network. They suggest that it is now a matter of urgency that security experts and programmers work together to remove the vulnerabilities in WPA2 in order to bolster its security or to develop alternative protocols to keep our wireless networks safe from hackers and malware.

The convenience of wireless network connectivity of mobile communications devices, such as smart phones, tablet PCs and laptops, televisions, personal computers and other equipment, is offset by the inherent security vulnerability. The potential for a third party to eavesdrop on the broadcast signals between devices is ever present. By contrast a wired network is intrinsically more secure because it requires a physical connection to the system in order to intercept packets of data. For the sake of convenience, however, many people are prepared to compromise on security. Until now, the assumption was that the risk of an intruder breaching a wireless network secured by the WPA2 system was adequately protected. Tsitroulis and colleagues have now shown this not to be the case.
https://www.sciencedaily.com/releases/2014/03/140320100824.htm?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencedaily%2Fcomputers_math%2Fencryption+%28Computer+Security+News+--+ScienceDaily%29

Further reading :
How to Fix Your Awful Wifi
https://gizmodo.com/how-to-fix-your-awful-wifi-1831780709
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Fri 09 Aug 2019, 18:42    Post subject: Turris Omnia
Subject description: More than just a router. The open-source center of your home.
 

https://www.turris.cz/en/omnia/

Further reading :
Turris: secure open-source routers
https://lwn.net/Articles/782886/
8Geee


Joined: 12 May 2008
Posts: 2063
Location: N.E. USA

Posted: Thu 15 Aug 2019, 23:44    Post subject:

I will opine this... there are some national/regional ISPs that provide a pswd to access the router for things like reconnect, Spec changes, new micro-code updates, etc.

The unfortunate aspect of this is that pswd is only good on that exact modem/router. The end user CANNOT change it, else the unit fails to connect. I know of several different CATV/Telco providers doing this, and I dare say, the pswds are shorter than one would wish. I find in a world that needs 16+ characters, 10 or less is almost negligent, 12 or less is not good. /MHO

Regards
8Geee

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
labbe5

Joined: 13 Nov 2013
Posts: 2012
Location: Canada

Posted: Thu 10 Oct 2019, 06:53    Post subject: D-Link home routers : security flaws

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10124

Currently, D-Link has been informed that the following D-Link Branded Devices may be affected:

- DIR-655 Hardware Revision Cx Firmware 3.02b05 and below (older)

- DIR-866L Hardware Revision Ax Firmware 1.03b04 and below (older)

- DIR-1565 Hardware Revision Ax Firmware 1.01 and below (older)

- DIR-652 Hardware Revision Ax (non-US Product :: Please consult your regional support site)

These products have entered End of Service Life. There is no support or development for these devices. We recommend replacing the device with a new device that is actively supported. Using these devices is at your own risk, D-Link does not recommend further use.
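
Added example (not part of the post above or of D-Link's advisory): one way to check a device inventory against the list quoted in that post. It assumes "Cx"/"Ax" means any hardware revision beginning with that letter and that firmware strings look like `3.02b05` (major.minor plus an optional build); the inventory entries and the `DIR-XXXX` model are constructed.

```python
import re
from typing import NamedTuple

# Affected list as quoted in the post: model -> (hardware revision letter,
# highest affected firmware). None = the post gives no firmware bound.
AFFECTED = {
    "DIR-655": ("C", "3.02b05"),
    "DIR-866L": ("A", "1.03b04"),
    "DIR-1565": ("A", "1.01"),
    "DIR-652": ("A", None),
}

# Assumed firmware format: major.minor with an optional bNN build suffix.
FW_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:b(\d+))?\s*$", re.IGNORECASE)


class Verdict(NamedTuple):
    affected: bool
    reason: str


def parse_fw(text: str) -> tuple:
    m = FW_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    major, minor, build = m.groups()
    return int(major), int(minor), None if build is None else int(build)


def fw_at_or_below(device: str, limit: str) -> bool:
    d, lim = parse_fw(device), parse_fw(limit)
    if d[:2] != lim[:2]:
        return d[:2] < lim[:2]
    if lim[2] is None:
        return True  # bound names no build: every build of that release counts
    return (d[2] or 0) <= lim[2]  # unknown device build: assume the oldest


def check(model: str, hw_rev: str, firmware: str) -> Verdict:
    entry = AFFECTED.get(model.strip().upper())
    if entry is None:
        return Verdict(False, "model is not in the quoted list")
    letter, max_fw = entry
    if not hw_rev.strip().upper().startswith(letter):
        return Verdict(False, f"hardware revision {hw_rev} is not listed")
    if max_fw is None:
        return Verdict(True, "listed with no firmware bound")
    if fw_at_or_below(firmware, max_fw):
        return Verdict(True, f"firmware {firmware} is at or below {max_fw}")
    return Verdict(False, f"firmware {firmware} is newer than {max_fw}")


# Constructed inventory (model, hardware revision, firmware) for illustration.
INVENTORY = [
    ("DIR-655", "C1", "3.02b05"),
    ("DIR-655", "C1", "3.02b07"),
    ("DIR-655", "B1", "2.10"),
    ("dir-866l", "A1", "1.02"),
    ("DIR-1565", "A1", "1.01b02"),
    ("DIR-652", "A2", ""),
    ("DIR-XXXX", "A1", "1.00"),  # placeholder for an unlisted model
]

if __name__ == "__main__":
    for model, rev, fw in INVENTORY:
        v = check(model, rev, fw)
        flag = "AFFECTED" if v.affected else "no match"
        print(f"{model:9} {rev:3} {fw:8} {flag:9} {v.reason}")
```

Ambiguous cases are resolved toward flagging the device: a bound without a build number covers every build of that release, and a device string without a build is treated as the oldest build.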