Slashdot Mirror
D-Link Routers Vulnerable To DNS Hijacking
An anonymous reader writes At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered. Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link's DSL-2740R ADSL modem/wireless router. The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE.
I get on my knees and give thanks to OpenWRT.
The hardware isnt all that bad most of the time, it's the shitty horrible firmwares they run.
Frequently, it's an old, horribly butchered hackjob of openwrt under there these days. Something unholy running a 2.6 era kernel, and with drivers with more hacked patches attached than a 4th century beggar's clothes.
Getting that old filth flushed out and replaced with something properly maintained is a GOOD thing. The router (hw wise) itself usually isnt all that bad.
Netgear tends to be a bit better, but overpriced. Belkin can go die in a fire though.
Why leave remote administration on?
I would avoid opening the web UI of any home router on the WAN side.
It's mostly unnecessary and a needless security exposure.
.
If you dont mind taking one apart, it is pretty easy to install the missing cooling inside a home router.
Most have a 3v level based serial connector that can be tapped for driving a fan. Just getting some circulation in there helps immensely.
This has more to do with the manufacturer not wanting any moving parts than it does with poor design though.
I have a WNDR3400 that I use for various fun projects (It's running OpenWRT) that is a few years old now. I have replaced it with a more capable home router some time ago as the main workhorse. However, the logic board that drives that little silly dome light is a +5v system. I have removed the dome completely, removed the logic board with the lights on it, and used the header strip it connected to, to drive a pretty beefy fan. I can drive its little CPU at 100% nonstop and it does not get much above room temp.
If the biggest problem you have is with cooling, stop being a wimp and just drive a fan off the serial console port connector inside. Pretty much all consumer routers have one.
This is what the OpenWRT Table of Hardware is for. One nice feature of the list is de-facto announced end-of-life, so you'll know when to retire your old gear. DD-WRT doesn't do this with their hardware compatibility list so you're left thinking they'll push out an update for your unit, except they don't.
OpenWRT lists support for an interesting and cheap TP-Link router on their front page (the TP-Link TL-MR3420). What makes this 40 euro router so interesting is its support for both an ethernet WAN port, along with another GSM WAN port which affords the user internet provider redundancy. It's been on my to-do list for a while to pick one up.
European Pre-Pay GSM can be super-affordable too. Here's an Austrian ISP that will sell you 9Gb of 4G data for 9.90 euro. In The Netherlands Bliep will sell you 3G data for .50 cents a day, and 4G data for 1 euro a day.
Does anyone have any experience with such a router? I don't even try to discuss such configurations with the installation folks from the wired ISPs. The last guy was here simply amazed I had one with OpenWRT; and that I wasn't interested in the ISP's modem for anything except being a basic firewall and cable link to the OpenWRT unit.