Skip to comments.
Cisco Says 77 Routers Open to 'Drive-By Pharming'
PC World ^
| uesday, February 20, 2007
| Gregg Keizer, Computerworld
Posted on 02/20/2007 6:19:29 PM PST by xcamel
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 next last
To: xcamel
21
posted on
02/20/2007 7:41:35 PM PST
by
pyx
(Rule#1.The LEFT lies.Rule#2.See Rule#1. IF THE LEFT CONTROLS THE LANGUAGE, IT CONTROLS THE ARGUMENT.)
To: Redcloak
Having and maintaining high speed connection is not a trivial task. And then there is wifi. People don't know how to set it up either.
Few people realize that they need a router in addition to the modem that the company provides. And then there is spyware and viruses. Etc. etc.
22
posted on
02/20/2007 7:41:52 PM PST
by
dhs12345
To: pyx
OpenWRT can turn your Linksys Router into a Linux computer with full router and firewall facilities.
23
posted on
02/20/2007 7:44:25 PM PST
by
pyx
(Rule#1.The LEFT lies.Rule#2.See Rule#1. IF THE LEFT CONTROLS THE LANGUAGE, IT CONTROLS THE ARGUMENT.)
Comment #24 Removed by Moderator
To: pyx
DD-WRT is also highly regarded. Personally, I'm using
HyperWRT Thibor 16b. Very solid, great features.
All these are based on the Linux code Cisco/Linksys released back to the user community. So they are running the original GPL code on $50-$100 routers with modifications to add features normally found in $400 or more Cisco routers.
To: proxy_user
Can you explain why a router maker would allow someone on the external internet to connect to the http interface? Surely, such a router should only allow a dhcp client to do this, and it should certainly know their IP addresses.
They literally mean 'drive-by'. As in connecting to and controlling the router wirelessly and reflashing its firmware (or just reconfiguring it) to stage man-in-the-middle attacks. They're talking about your neighbors in high-rises and apartment buildings attacking you via the router. Or in public hotspots or airports.
There are a number of attacks occurring in airports too. People who have enabled XP's Peer-To-Peer networking service and who take advantage of a "Free Internet" hotspot are connecting to a pirate trying to plant stuff on their shared folders/drives or who are staging man-in-the-middle attacks when they connect to corporate/banking/shopping sites. Many of these attackers are operating currently in major airports, universites, etc.
Lock down your wireless laptop and your router.
To: Mike Bates
27
posted on
02/21/2007 4:33:17 AM PST
by
Elsie
(Heck is where people, who don't believe in Gosh, think they are not going....)
To: George W. Bush
My router is wired! If any hacker wants to connect, he has to plug in a cable.
I also use a strong password, 8 characters with both letters and numbers.
To: Elsie
I knew someone would know what that meant.
29
posted on
02/21/2007 6:17:05 AM PST
by
Mike Bates
(Irish Alzheimer's victim: I only remember the grudges.)
To: xcamel
ANd the cable guy tells me routers are the best security. uh huh.
30
posted on
02/21/2007 6:22:49 AM PST
by
Fawn
(LEMME IN http://www.youtube.com/watch?v=WkMIdfwo32Y&eurl=)
To: John Williams
And setting up each of the pcs with wep. Can be a pain because entry is not echoed. Is just like entering a password but 40 plus characters long.
WEP is not as secure as other methods. Always select 128bit. Then there are ambient noise sources like rf phones that interfere with wifi. Might require changing the frequency.
Also, don't broadcast SSID. No SSID creates other headaches when setting up the network or adding a new PC.
And then there is the issue of other wifis in the neighborhood interfering with you network. Windows machines tend to try to connect with the first available.
31
posted on
02/21/2007 9:48:27 AM PST
by
dhs12345
To: Mike Bates
That means YOU'RE an old coot; too!
32
posted on
02/21/2007 9:59:45 AM PST
by
Elsie
(Heck is where people, who don't believe in Gosh, think they are not going....)
To: proxy_user
33
posted on
02/21/2007 10:01:50 AM PST
by
Elsie
(Heck is where people, who don't believe in Gosh, think they are not going....)
To: Elsie
Old doesn't even begin to cover it. . . .
34
posted on
02/21/2007 10:37:10 AM PST
by
Mike Bates
(Irish Alzheimer's victim: I only remember the grudges.)
To: xcamel
It has
always been a Bad Idea to leave the default user, workgroup and
especially password on a device when you connect to the Internet.
People are going to have to become more "street-smart" about being on the Internet, or they'll just keep getting scammed and abused.
Connecting your computer to the Internet is not a ho-hum, trivial thing. It's like driving through a big city. You'd better take some basic precautions and have some clue about the risks.
35
posted on
02/21/2007 10:49:33 AM PST
by
TChris
(The Democrat Party: A sewer into which is emptied treason, inhumanity and barbarism - O. Morton)
To: KoRn
Yes I have DSL filters on all the phones and there are no satellite receivers. It's something between the router and the DSL modem, they don't get along.
36
posted on
02/21/2007 12:03:28 PM PST
by
Sender
("Great powers should never get involved in the politics of small tribes.")
To: Sender
It could also be something in your computer or NIC configuration. I have 3 machines running, all connected with Cat5 to the router. The connection on two machines are rock solid, the 3rd exhibits the same symptom. Every now and then I get pop-ups that the network cable is unplugged, it gets restored, and goes through the cycle for a while. Needless to say, it was plugged in the whole time.
It's happened with 3 different routers so far, but the other two machines have not had the problem. It's something between Windows XP SP2 and the NIC... someday I'll figure it out.
37
posted on
02/21/2007 12:25:18 PM PST
by
ken in texas
(come fold with us.... team #36120)
To: dhs12345
I tried the "keep alive" option but the problem remains. With my DSL connection, it will remain connected virtually forever (without the router) so I shouldn't need to keep it alive. I'm going to try a different router.
38
posted on
02/21/2007 12:25:26 PM PST
by
Sender
("Great powers should never get involved in the politics of small tribes.")
To: xcamel
the attack involves luring users to malicious sites where a device's default password is used to redirect them to bogus sites Anybody who leaves a device set at the default password might as well be participating in a bareback orgy at a Port-au-Prince bath house.
39
posted on
02/21/2007 12:34:33 PM PST
by
steve-b
(It's hard to be religious when certain people don't get struck by lightning.)
To: steve-b
40
posted on
02/21/2007 12:51:24 PM PST
by
xcamel
(Press to Test, Release to Detonate)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson