General Discussion
  >> General Broadband Chatter


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | (show all)   Print Thread
Standard User Andrue
(eat-sleep-adslguide) Sat 10-Oct-15 10:12:27
Print Post

NetGear Router Exploit?


[link to this post]
 
http://www.bbc.co.uk/news/technology-34491583

"Is it serious? Yes it definitely is," said Jonathan Wu, senior director of product management at Netgear, one of the top three router brands in the US.
"Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want it to go to."
However, Mr Wu added that attackers would have to get access to the network first and then guess the admin password.
Mr Giron thinks that in his case, access was gained because his router settings had been configured so that they could be accessed remotely."

So..where's the exploit? The owner chose to configure their router so that it was visible from the WAN then someone else guessed the password and reconfigured the DNS settings.

Possibly it's just a badly written article but I don't see anything here that needs a firmware update.

---
Andrue Cope
Brackley, UK
Standard User billford
(elder) Sat 10-Oct-15 10:15:00
Print Post

Re: NetGear Router Exploit?


[re: Andrue] [link to this post]
 
In reply to a post by Andrue:
... but I don't see anything here that needs a firmware update.
Possibly a brainware update to choose a better password for remote access frown

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Administrator MrSaffron
(staff) Sat 10-Oct-15 11:00:31
Print Post

Re: NetGear Router Exploit?


[re: billford] [link to this post]
 
Affects just 5,000 routers too if what I read was correct.

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.


Register (or login) on our website and you will not see this ad.

Standard User b4dger
(knowledge is power) Sat 10-Oct-15 11:06:08
Print Post

Re: NetGear Router Exploit?


[re: Andrue] [link to this post]
 
In reply to a post by Andrue:
...Possibly it's just a badly written article...
I agree - a mention of the router model would have made sense!

Standard User Andrue
(eat-sleep-adslguide) Sat 10-Oct-15 13:28:10
Print Post

Re: NetGear Router Exploit?


[re: MrSaffron] [link to this post]
 
In reply to a post by MrSaffron:
Affects just 5,000 routers too if what I read was correct.
Perhaps that's the number of people Netgear have estimated to have configured their router for WAN access smile

Anyway glad I hadn't missed some important technical detail in the article.

---
Andrue Cope
Brackley, UK
Standard User RobertoS
(elder) Sat 10-Oct-15 15:30:44
Print Post

Re: NetGear Router Exploit?


[re: billford] [link to this post]
 
Better still, change the admin username.

The indispensable man or woman passes from the scene, and what happens next is more or less the same thing as was happening before.
My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - AAISP Home::1 80/20. Sync 59999/14372kbps @ 600m. - BQM
Standard User Tacitus
(experienced) Sat 10-Oct-15 16:48:54
Print Post

Re: NetGear Router Exploit?


[re: Andrue] [link to this post]
 
In reply to a post by Andrue:
Mr Giron thinks that in his case, access was gained because his router settings had been configured so that they could be accessed remotely."

So..where's the exploit? The owner chose to configure their router so that it was visible from the WAN then someone else guessed the password and reconfigured the DNS settings.
Wonder if it's anything to do with this?

There was a long list of domestic/SME routers which were supposedly vulnerable to this exploit but I can't find the link.
Standard User cheshire_man
(knowledge is power) Sat 10-Oct-15 16:48:58
Print Post

Re: NetGear Router Exploit?


[re: RobertoS] [link to this post]
 
Can't do that on (some) Netgear routers
Can I change the router login username to something other than admin?

No, the router login username cannot be changed. Only the admin password can be changed.


Tony
We have more and more laws, and less and less enforcement

Edited by cheshire_man (Sat 10-Oct-15 16:50:04)

Standard User Oliver341
(eat-sleep-adslguide) Sat 10-Oct-15 17:53:36
Print Post

Re: NetGear Router Exploit?


[re: Andrue] [link to this post]
 
Agreed, this one doesn't look like an exploit to me. I suppose router manufacturers could hand-hold by issuing every router with a unique admin password, or refusing to open WAN-side admin with the default password, but it's not what I'd call an exploit.

D-Link however have had multiple routers which can have their DNS servers altered by an unauthenticated attacker issuing a single HTTP request to their routers, including TalkTalk's popular DSL-3680: http://www.ispreview.co.uk/index.php/2015/03/uk-isp-...

Oliver.

Edited by Oliver341 (Sat 10-Oct-15 17:54:26)

Standard User RobertoS
(elder) Sat 10-Oct-15 19:52:05
Print Post

Re: NetGear Router Exploit?


[re: cheshire_man] [link to this post]
 
That shows how often I changed it on my four Netgears smile.

The indispensable man or woman passes from the scene, and what happens next is more or less the same thing as was happening before.
My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - AAISP Home::1 80/20. Sync 59999/14372kbps @ 600m. - BQM
Pages in this thread: 1 | 2 | (show all)   Print Thread

Jump to