Posted on 05/20/2015 9:48:26 PM PDT by Utilizer
Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them.
The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet via IP (Internet Protocol). The shared devices can be printers, webcams, thumb drives, external hard disks and more.
NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients.
Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. If exploited, this kind of vulnerability can result in remote code execution or denial of service.
(Excerpt) Read more at itworld.com ...
Ping...
bookmark
for what i’ve hearded hackers can do eveything and anything so with more security it will be useless
I highly recommend a software router running on an old laptop or computer in your home. pfSense is far and away one of the best free router/firewall programs I’ve ever played with, and it beats the pants off of any retail router/switch.
Interesting
Thanks
Don’t let the spec sheet scare you. If you’re a home user, you can set it up on an old laptop, and it’ll run just fine. There are a few communities that have it setup on Arduino and Raspberry Pi devices. And there are enterprises using them for mid- to large-scale deployments.
I need someone to translate that article..although at end it says you can purchase it ready to install...
There's always a way around or through if one is knowledgeable enough to find it.
Cybercrime Cost Americans $800,492,073 Last Year
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) tallied 269,422 complaints in 2014, totaling $800,492,073 in losses, according to a new report. The center has received 3,175,611 complaints since its establishment in May 2000.
The losses compiled in 2014 are likely much lower than actual Internet crime losses. The report states, “Only an estimated 15 percent of the nation’s fraud victims report their crimes to law enforcement, while the IC3 estimates less than 10 percent of victims file directly through [w]ww.ic3.gov.”
http://www.latimes.com/nation/la-na-boy-scouts-call-end-gay-leader-ban-20150521-story.html
If I understand this correctly, the attack would have to come from within your network. Does this affect routers running DD-WRT?
If I understand the article correctly, it does not matter either way, running it or not. It’s the NetUSB driver that is the culprit, not whether the router runs DD-WRT.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.