CERT Finds Routers Increasingly Being Cracked
alteran writes "CERT has released a paper (PDF) analyzing changes in DOS attack methods. The new twist-- crackers are increasingly getting into routers rather than servers and home PCs. The volume of noise a router could generate absolutely dwarfs what a computer could do. And unlike compromised servers, compromised routers could actually screw up the infrastructure of the Internet, not just blast people with packets. Worst of all, router administrators appear to be even sloppier than their server counterparts in securing their machines."
They said they were using MS-DOS to hack the routers. I have MS-DOS on my 486, so how do you hack MS-DOS itself? I want to hack the Operating System MS-DOS.
<irony>And I'm absolutely positive that the "easy to use and configure" Cisco IOS has absolutely nothing to do with the fact that the routers aren't configured safely....right?</irony>
Why does Slashdot accept posts from people so stupid?
"The volume of noise a router could generate absolutely dwarfs what a computer could do."
A router IS a computer, you fuckwit. Usually a specialized computer with embedded software allowing it to route quickly and easily. But routers are also sometimes servers or desktops; the machine I am typing this on is a router/desktop/firewall. And guess what? If I cram six NICs into it and crank it up, this thing can generate just as much traffic as a lot of commercial routers. A Sun E450 could put a lot of large routers to shame (and in fact, some people use big Sun hardware as routers).
Please Taco, stop putting idiotic crap like this on the front page.
Seriously - how do I tell?
I run a local LAN based on a Linux router; I maintain several smallish web servers and one big server farm, based on Linux and Solaris. Our company has several Windows workstations. I add patches, get upgrades, read security alerts. My machines haven't been cracked so far. I guess.
I *know* that two years ago, one of my webservers was hacked and abused by IRC script kiddies. They did not clean up after themselves; it was easy to tell someone broke in, and they were actually online when I detected their presence.
But with rootkits out there, how paranoid enough can I be? Are there tools to detect changes made by crackers? One of my nightmares is a rooted zombie server that looks perfectly normal to me, but had several backdoors inserted...
Now you may say that I should be an admin of above-mentioned servers if I don't know how to tell. Well, that's partly a reason why I post anonymously, so yeah, you could be right. But who out there isn't self-taught?
suckuz