Home Routers Under Attack by NSA-Spawned Malware: What to D

tomsguide.com ^ | 11/29/2018 | Marshall Honorof · Editor

[Mr Radical]

... simply disable UPnP on your router?

[Ol' Dan Tucker]

My Netgear router is 3 or so years old, so I guess it’s vulnerable. We have to get the enclosed, boxy wi-fi routers with the hidden antennas because the cat chews up the antennas if they are exposed.

Here's the affected Netgear models:

NETGEAR
R2000, WNDR3700, WNDR4300v2, WNR2000v4

[Carriage Hill]

Sounds like a press release from Cisco Systems.

[TomGuy]

Gibson Research Corporation

I used to use GRC’s ShieldsUp! ports scanner.

GRC has a UPnP Exposure Test link on their home page. Arrow down to the second yellow-background box.

https://www.grc.com/default.htm

==

The scan indicated that my UPnP was not exposed.

I bought my cable/modem router last year and did not make any adjustments. Netgear AC1750, Model C6300.

[Ol' Dan Tucker]

It’s impossible to tell if you’re infected - but the answer is to go out, spend $100 and buy a new router.

Akamai has a white paper that lists the affected manufacturers and models. (See: UPnProxy: Blackhat Proxies via NAT Injections)

[thinden]

bbb

[reed13k]

For use when I get home

[usconservative]

Again? Didn’t this happen some months ago?

[usconservative]

Heh, another Windows problem eh? Don’t see any Apple products listed in the article.

I don't know of any routers running Microsoft Windows ... do you?

[dfwgator]

The Internet of Things is a stupid idea that’s going to blow up in our face one day.

[farming pharmer]

Bkmk

[zeugma]

I’m a fan of DD-WRT router firmware. Matter of fact, several years ago I bought a buffalo router because it came stock with the DD-WRT firmware image. Unfortunately, it has been somewhat problematic for me in that there doesn’t seem to be any firmware updates for it pretty much since I set it up.

Is there anyone in freeperland who can recommend a good 5/2.4 router that is compatible with DD-WRT that I can actually keep current on security updates?

[dayglored]

Router [in]security ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to House Atreides for the ping!

[lysie]

Bkmrk.

[Still Thinking]

Yay! Amped Wireless doesn’t have a router on the list. They did have some DNS thing I had to turn off a while back, though.

[Paal Gulli]

"I’m a fan of DD-WRT router firmware. Matter of fact, several years ago I bought a buffalo router because it came stock with the DD-WRT firmware image. Unfortunately, it has been somewhat problematic for me in that there doesn’t seem to be any firmware updates for it pretty much since I set it up.

Is there anyone in freeperland who can recommend a good 5/2.4 router that is compatible with DD-WRT that I can actually keep current on security updates?"

The creation and maintaining of the 3rd-party firmwares for each individual model of rooter is almost always a one-man operation. The developer/maintainers are a finite resource, and most do this for the love of it, so they have limited resources to apply to the individual rooter model.

Pick a rooter you're interested in that's supported by DD-WRT, Open-WRT, Tomato, etc, then track him down and ask the maintainer himself his intentions. Most maintain a presence in the forum of their particular firmware (my ASUS's Merlin firmware was created by screenname 'john9527' at github, the snbforums, asuswrt and others). That's the closest you can come to knowing the potential development schedule. If you're satisfied with his answers, buy the rooter.

Then pray he doesn't catch ebola, get hit by lightning, marry someone named Kardashian or have his life cut short or otherwise ruined in general.

[texas booster]

USconservative, I do not know of any routers running Windows, but there are plenty of routers that no longer get upgrades from the manufacturer. But there are lots of IoT devices that run one of the Embedded Windows OS, and that is just the start of problems.

Much of the IoT junk coming from Asia may be running a Linux variant but poor programming practices will leave a device wide open.

Just as on a Mac, the underlying OS may be secure in a certain configuration but any dependent programs also need to be secured and regularly updated.

[Bob434]

i have an Arris- and that wasn’t listed- wonder if they tested all models, or not?

[Salamander]

Through no fault or accomplishment of my own, all mine come up “stealthed”.

No idea how I did that, if *I* even did.

Maybe it’s just my router.

[GOPJ]

Thanks