Posted on 04/07/2008 11:12:15 PM PDT by HAL9000
Excerpt -
Researcher Dan Kaminsky tomorrow will show attendees of the RSA security conference how a Web-based attack could be used to seize control of certain routers.Kaminsky has spent the past year studying how design flaws in the way that browsers work with the Internet's Domain Name System (DNS) can be abused in order to get attackers behind the firewall.
But at the RSA Conference in San Francisco, he will demonstrate how this attack would work on widely used routers, including those made by Cisco's Linksys division and D-Link.
The technique, called a DNS rebinding attack, would work on virtually any device, including printers, that uses a default password and a Web-based administration interface, said Kaminsky, who is director of penetration testing with IOActive.
Here's how it would work. ...
~ snip ~
(Excerpt) Read more at pcworld.com ...
Bookmark.
Tech ping
bfl
Yes, it's always a good idea to replace the default password.
Found this thread through a key word search and have a question.
I got a wireless router a few days ago and it is pass word protected, I carefully wrote down the pass word and the web site URL to go to to change the pass word. I want to change the pass word now, so I try to go to the web site by typing in the URL, which is:
It does not go to the web site, instead a window opens and asks for my user name and pass word. I type it in and get no access.
Any hints on what to do? It is “NETGEAR WGR614v9” router.
I have a Netgear FVS318.
Default user name - admin
Default password - password
Of course my router is not wireless, and I have changed my password to something more elaborate.
Here’s a link to a support page for your WGR614v9
http://kbserver.netgear.com/products/wgr614v9.asp
routerlogin.net does seem to belong to NetGear, according to the DNS records, so it seems to be the safe and proper way to do it.
If all else fails, there may be a reset button on your router to restore it to the factory configuration. Then you could log on with the default password and change it to something more secure.
The router probably has a local http server for when the internet isn’t connected or configured. It should be written on your router. Something like http://192.168.0.1/ is what I would expect to see.
Also, if there is a problem getting access, like you forgot your password, you can reset everything back to factory settings by pressing a small recessed button on the back or bottom of the router with a pin.
Makes me glad I changed the password on our router a while ago. It really was one of the easiest of things to do when trying to protect my fledgling server.
I first tried the link in number 7. I used my password and login that I know were correct when I first set it up a few days ago, it told me my password was wrong, so I tried the default password and user name and that was wrong too, then it completely disconnected me from the internet, no matter what I did, it was no go.
So I disconnected the router and reconnected to my modum and it still would not let me on line. After turning off the modem and back on again several tries, I finally got back on line.
So now I will reconnect my router and reset to default as suggested in number 9 and hope that works. Thanks for the help.
I’m sorry if my #7 messed you up. For a long time I used the default password. Back in April I changed it. Good luck!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.