Millions of Home Routers Are Hackable

← Back to Stories (view on slashdot.org)

Millions of Home Routers Are Hackable

Posted by kdawson on Friday July 16, 2010 @12:48AM from the pre-black-hat-frenzy dept.

Julie188 writes "Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the Black Hat conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon FiOS or DSL versions. The tool apparently exploits the routers through DNS rebinding. While this technique has been discussed for 15 years or more, Heffner says, 'It just hasn't been put together like this before.'" Notebooks.com has a list of routers tested and some advice on securing vulnerable routers.

9 of 179 comments (clear)

Min score:

Reason:

Sort:

Re:You mean besides using default admin/password.. by Anonymous Coward · 2010-07-16 00:55 · Score: 5, Funny

The tool apparently exploits the routers through DNS rebinding. Wjhile this technique has been discussed for 15 years or more, Heffner says 'It just hasn't been put together like this before.'"
Ha Ha! I changed my default username to "adjminstrator" and password to "passjword"! Good luck hjackers!
Thank you Captain Obvious by RapidEye · 2010-07-16 01:02 · Score: 1, Funny

Lets see:
Make sure you have a strong Admin password on your router and don't surf p0rn/warez sites.
Thank you Captain Obvious!

--
"Murderer? Well, that's a harsh word. I prefer to think of myself as a Mortality Technician."
1. Re:Thank you Captain Obvious by AnonymousClown · 2010-07-16 01:23 · Score: 3, Funny
  
  Lets see: Make sure you have a strong Admin password on your router and don't surf p0rn/warez sites. Thank you Captain Obvious!
  I get more hacking attempts when I search for and try to look at Christina Hendricks images than I ever do from all the porn sits combined.
  
  --
  RIP America
  July 4, 1776 - September 11, 2001
2. Re:Thank you Captain Obvious by MBGMorden · 2010-07-16 01:42 · Score: 3, Funny
  
  I get more hacking attempts when I search for and try to look at Christina Hendricks images than I ever do from all the porn sits combined.
  Yes but going by the "I'll know it when I see it" definition, any image of that woman in a dress qualifies as pr0n . . .
  
  --
  "People who think they know everything are very annoying to those of us who do."-Mark Twain
3. Re:Thank you Captain Obvious by John+Hasler · 2010-07-16 02:16 · Score: 2, Funny
  
  > ...NEVER let your browser remember passwords.
  Never let it remember important passwords. There's no harm in letting it store passwords for trivial sites such as Slashdot.
  
  --
  Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Re:You mean besides using default admin/password.. by Cryacin · 2010-07-16 01:28 · Score: 5, Funny

Ha Ha! I changed my default username to "adjminstrator" and password to "passjword"! Good luck hjackers!
Wouldn't stop them if they're Swedish!

And yes, I'm an insensitive Cljod!

--
Science advances one funeral at a time- Max Planck
Re:Exactly what is the sploit? by L4t3r4lu5 · 2010-07-16 02:29 · Score: 2, Funny

Excellent! So, I was correct in labelling this whole shitty story as another inflammatory chod-fest at the hands of Slashdot's very own version of the Daily Mail, kdawson.

Will he never cease to amaze me?!

--
Finally had enough. Come see us over at https://soylentnews.org/
Heretic by Anonymous Coward · 2010-07-16 02:47 · Score: 3, Funny

Slashdot is *the* most important site. For you to call it "trivial" is a most wicked sin.
Re:You mean besides using default admin/password.. by Ihmhi · 2010-07-16 09:42 · Score: 3, Funny

Then they click submit and BAM you hit 'em with tubgirl.

--
Random Thoughts From A Diseased Mind (Not For Dummies)