Slashdot Mirror

← Back to Stories (view on slashdot.org)

Drive-By Pharming Attack Could Hit Home Networks

Posted by Zonk on from the dive-behind-the-router dept.

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.

3 of 185 comments (clear)

  1. not with my 2wire router by fishyfool · · Score: 5, Interesting

    it came from the factory with a random 10 digit wep password and with wireless disabled by default. if 2wire can do this, so can everyone else.

    --
    Enjoy Every Sandwich
  2. So, how do you tell your clueless neighbors? by Anonymous Coward · · Score: 3, Interesting

    This raises a question: if you are using your wireless card and notice that your neighbor has a wide-open access point, how do you educate them without being seen as a suspect or nosy? I have one such neighbor, and I have considered logging into their wide-open AP and rebooting it or setting WEP keys or some such, but such measures would of course fail, since they are clueless. I have also considered going full-stealth and printing up a quick wireless security tutorial on a printer not linkable to me, and taping the tutorial to their door. But, it's not worth the trouble to me, but it could be a big deal to them one day. In this litigious day, that's why I'm posting as AC.

  3. Show your sister this article! by oni · · Score: 3, Interesting

    RIAA Will Drop Cases If You Point Out That An IP Address Isn't A Person

    Earlier this month the inability to prove who actually did the file sharing caused the RIAA to drop a case in Oklahoma and now it looks like the same defense has worked in a California case as well. In both cases, though, as soon as the RIAA realized the person was using this defense, they dropped the case, rather than lose it and set a precedent showing they really don't have the unequivocal evidence they claim they do.