What Hackers Can Do With Your Router And How To Defend Themselves
Join 1000's of Authors at StreetArticles Today!

What Hackers Can Do With Your Router And How to Defend Themselves

Some of you probably do not care about reading about further errors and rear wickets in home routers. Unfortunately wrongly, because with control of the router the attacker could also take control over your computers.

If a burglar gets an administrator account password of the router, which you can get from the internet, it is threatened not only router, but most of all the network traffic passing through it. What is worse, to manipulate him, burglar does not have to get root access on the device - often enough to use one of the options in the administration panel. At the end of the article you will find instructions on how to protect themselves against such attacks.

The administrator of the router to the computer administrator

An interesting example of such an attack described by Nasro, author of the recent discovery of an error in the TP-Link routers, enabling remote reading device administrator password. He showed how, from the remote control over the router settings, go to attack computers on the local network.

In the first step known attack using the router administrator password to log in to the admin panel and set the first DNS server controlled by us on an IP address. The second DNS server leave unchanged or refer acting DNS server to when we exclude our server the attacker, attacked the network continue to work. Now, every request for an IP address goes to our server.

To answer and the answer we have to start our DNS server. For this we use the tool DNSChef, which acts as a DNS proxy and can give us answers indicated by or to any query, or only on those that previously configure.

All DNS requests will receive a response indicating therefore the server (of course we can limit it only to such behavior. This server will listen for traffic webmitm tool, whose task is to redirect HTTP traffic to the appropriate server.

How does it work

The user network that is behind a router open a web page. The router queries the DNS server for the IP address of the server to which you want to get you. We take this question and answer giving the address of our server. The user, not knowing this, combined with our server. His question pass on to the target server, and the way to respond to stick on a piece of code that attacks his unpatched browser and its plug-ins. In the event of a successful attack gain access to your computer. If we have a little luck, the user does not notice that he fell victim to an attack.

Other types of attacks on home routers

Rather than attacking the computer and the user's browser, we can in the same way, for example. Overhear their passwords or inject data into its e-banking session (attacks on SSL connections is more difficult, because probably we do not have a trusted certificate, so we must count on the fact that you do not scare up Communication from the browser about problems with the reliability of the server). Of course we also diversify in a different way users use the network, for example. All pictures by turning them upside down.

These types of attacks can be carried out on a massive scale - in 2011 in Brazil, more than 4 million households routers have experienced unauthorized changes to DNS servers that are already behind computers instead of requested files received from the network Trojan horse.

How to defend against such attacks

The main problem with home routers is the fact that most often they must have direct access to the Internet, and their software is often far from ideal. Thus offering a lower level of security are also exposed to many risks - so you want to minimize the amount of these threats. The basic steps you should follow to better secure your router is:

Installing alternative software. On the market there are many free software packages dedicated to home routers. The software is the most common offers a lot more features than the original, it contains fewer security flaws and, if they are detected more quickly updated. If possible, it is worth before buying router see if you can is to install alternative software. Examples of such software is Tomato, OpenWRT or DD-WRT.

Disable remote access to the administrative interface. Some versions of the software enabled by default leave with Internet access to the administrative interface of the router. The benefits of having such a function are small (how many times you had to configure the router without being at home?), And considerably increases the level of threat.

The appropriate level of wireless network security. If someone configures today a protocol on a lower level than WPA2 security, it should immediately return to reality. WPA2 and complex, niesłownikowe password security is an absolute basis. Access to the router administration interface takes place mostly from the local network, so it is good to use only by authorized users.

Changing default passwords. I think all routers come with a default password for the admin interface - it's worth it just in case changed to more complex (the new password in a safe place worth to save, because they are easy to forget using it once every two years). If the router was also set up by the supplier to the wireless network password (the practice of many Internet service providers), well worth it to modify it for longer and more complicated.

Software update. Whether original or alternative, you should periodically check whether or not released a new version, removing detected errors and problems. Unfortunately, the software update is not automatic, so you have to spend these few moments to sleep better at night.

You can also pick up wireless security by example. Hides her name or the introduction of filtering MAC addresses of devices, but these activities only a little difficult to carry out a potential attack and may reduce the comfort of using the network, so it is always worth considering before you turn all possible precautions in the admin panel .

Street Talk

No comments present
You May Also Like
Intellectual Property
Dubai's court of cassation defines intellectual property as, "it is every invented property whether it was literature, vocal, or as regardless to its nature, purpose or importance". From this definition we can analyze that, intellectual property can be in the form of a book or a painting or a song…
By: Hassan Elhais in  Legal  >  Intellectual Property   Mar 02, 2016  
  Likes: 0

Have A Thai Law Firm Review Rental Contract Before You Move Into A New Bangkok Pad
For foreigners having newly relocated to Thailand, among the various issues they’ll need to deal with is finding a suitable place to live. Once they do, a local Thai law firm can come in handy if they want to go over a rental agreement before signing it. Finding a condo,…
By: Gsmyth in  Legal  >  Intellectual Property   Apr 29, 2014  
  Likes: 0

Reasons to Contact Intellectual Property Lawyers Sydney
Most of the people know what intellectual property is. However they are not sure about when to contact them till they get stuck into some legal matters. This leads to many people calling the lawyer and telling them that someone has stolen their idea or creation. This is when the…
By: sarah Hodge in  Legal  >  Intellectual Property   Sep 01, 2014  
  Likes: 0

What is the Job Of Intellectual Property Lawyers?
As the name suggests intellectual property lawyers will handle all the matters related to the legal matters. Whether it is related to registration or patents you will be helped by the professional lawyers. However only a qualified person can know law and help you with the procedures. Protecting the intellectual…
By: sarah Hodge in  Legal  >  Intellectual Property   Jul 22, 2014  
  Likes: 0

How to Overcome Copyright Problems
Copyright denotes ownership of a particular work whether it’s a song, a book, or a movie. It allows content owners to take legal action against those who attempt to duplicate or reproduce their work. It is safe to say that creating original content can be challenging, and sometimes, one has…
By: Darlius Colin in  Legal  >  Intellectual Property   Jan 21, 2016  
  Likes: 0

Estate Planning Attorney Newport Beach: Enrust Your Property
Estate planning, an imperative part to provide your family a secured future. Life is full of uncertainties, hence, future planning is necessary. The estate includes your wealth, assets, property and all that you have earned in your entire life. People often ask, what exactly estate planning is? What all it…
By: Robertstrustprobatelaw in  Legal  >  Intellectual Property   Oct 16, 2015  
  Likes: 0

Neymar Three Bimuller 2 This is the King Of the Great Advantages Of
That is to say, add up to score C Luo, Messi, Neymar three Bimuller 2. This is the king of the great advantages of mu! Argentina king Messi not to the best space advantage while at the world cup have got off to a good start, but Messi does not…
By: xiaomengmeng in  Legal  >  Intellectual Property   Sep 09, 2014  
  Likes: 0

Beyond Legality: Why Piracy Is An Ethical Issue
In a democratic population, the majority wins. But if 70% of online users think that there’s “nothing wrong” with piracy, does that mean piracy is right? When people start treating online piracy as the norm, then the issue is more of an ethical and behavioral problem that revolves around entitlement,…
By: Darlius Colin in  Legal  >  Intellectual Property   May 21, 2015  
  Likes: 0

Article Views: 936    Report this Article