Linksys Wi-Fi router vulnerability discovered

CNET ^ | 6/4/04 | Marguerite Reardon

[TomServo]

Cisco Systems has issued a patch for a security flaw in one of its Linksys routers that could give hackers access to consumers' home networks.

Alan Rateliff II, an independent security consultant, on Friday said he discovered a vulnerability in the Linksys WRTS54G 802.11g wireless router. The flaw gives hackers a free pass into the Web-based configuration page of the router when the firewall function is turned off.

[TomServo]

For you LinkSys Wi-Fi users...click link for more..

[South40]

For the most part, this problem exists only when the firewall function is turned off. Considering that most people concerned about security would keep the firewall turned on, this may not be such a big threat.

Anyone using broadband without a firewall deserves what they get.

[TomServo]

Anyone using broadband without a firewall deserves what they get.

You got that dang straight...;-)

[corkoman]

my wi-fi barely gets a 50 feet radius - I live on a cul-de-sac on a canal - hell, I am not concerned about someone else tapping in when I can only get a feeble signal upstairs.

[TomServo]

There's no way I'd go Wi-Fi right now. Maybe a few years from now. But for my security concerns - I'm hardwired - and unless my ISP (or my power) craps out, I'm always up. And I use a LinkSys BEFSR41. I have a 8-port sitting unboxed in my closet..

[drtom]

This vulnerability exists on the WAN side of the router, that is the hardwired side into your xDSL/cable modem.

The WiFi side is you local area network (which offers other vulnerabilities) which the router connects to the Internet. The firewall is supposed to protect you from intrusion from the latter.

[snooker]

"Anyone using broadband without a firewall deserves what they get."

Are you saying the computers on a local net behind the router, need firewalls running? Most routers, Linksys being the one I use, have features in them that allow you to tailor the router to 'act like a firewall'. Even though the router doesn't actually say it's a firewall. Some of the new cheap(<$100) Linksys actually have a real firewall built in to their software.

I just setup another Linksys BEFSR41 for a client today. This router runs a flavor of Linux.

In my experience, the cheap routers are quite effective at thwarting attacks. I have put instruments on the broadband connection and you can see the probing going on. The router dumps the attacks. NAT is quite effective, probably enough for the average user.

IMHO the average home user would benefit greatly from putting a $50 router between their PC and the Internet, regardless the connection used.

BTW, Linksys have periodic updates to the software, updating is quite simple. I would recommend that all software be kept up to date.

If you are really paranoid about your data, encrypt it, and back it up regularly.

[cgk]

I have a different model Linksys router on my amazon wishlist. I guess I should look into a couple other brands.

I know so little about routers and networks, I have no idea what to buy, so am researching. I read somewhere that to connect a desktop and a notebook on the same network, it's better to have a wireless router?

[drtom]

IMHO the average home user would benefit greatly from putting a $50 router between their PC and the Internet, regardless the connection used.

I couldn't agree more. In fact, I am surprised that the ISPs don't roll out modem/router combos by default. It would cut down tremendously on exploits.

[TomServo]

You'd be OK going with a LinkSys. Just flash it with the latest updates and you're good to go. If you're gonna only have 1 box on it, just get the BEFSR11.

[drtom]

As snooker says, "In my experience, the cheap routers are quite effective at thwarting attacks.".

Some of these reported flaws are so high-profile that it takes a very experienced hacker to exploit them. Whether that hacker is interested in spending a lot of time on the individual average home user is doubtful.

A little firewall router, a regular patch update on your OS and a virus scanner. Everything beyond there is bordering paranoia.

[snooker]

Linksys makes such a beast. You get the cable modem, a 4 port router and a wifi 'g' in the same box. Costs about $130, slightly less than the separates. Runs linux.

I prefer the 'separates', that way I can reconfigure and tap in where I want.

For a home user, the combo would be great.

[South40]

Are you saying the computers on a local net behind the router, need firewalls running?

Of course. No Intranet is safe without them. Routers have their vulnerabilities, as demonstrated in this article. So the need for a firewall is obvious.

[hunter112]

I am surprised that the ISPs don't roll out modem/router combos by default.

Happening in my area. A local ISP announced that they were not going to be able to support the DSL modem that they had distributed to hundreds of homes, and sold my customer a combo. She called me to inquire about the password on the wireless router I installed in her home a few months ago. Too bad, I could have replaced that old DSL modem with a used model of a newer one for way less than what she paid the ISP for their combo model.

[Wonder Warthog]

"I know so little about routers and networks, I have no idea what to buy, so am researching."

Go D-link--the product is more reliable. I originally purshased a Linksys 4-port wireless router, and it was crap. Flakey connections from day one, and it died permanently after about a month. I bought the Linksys because of the "Cisco" brand name, but after the problems, I did research into the user reviews--about a third of user reviews say Linksys is crap. Not nearly so many have negative reviews of D-link.

[steplock]

.... when the firewall function is turned off


well....DUH!

[Agnes Heep]

IMHO the average home user would benefit greatly from putting a $50 router between their PC and the Internet, regardless the connection used.

I agree with you there. If nothing else, using an RFC 1918 LAN behind the firewall is about as much as you need to protect whatever you've got going on in your home network, except for threats that come in e-mails, or downloads from the internet that you initiate yourself. (I call these "vampires," because according to legend a vampire cannot enter a private residence unless he's first been invited in.)

If you're really paranoid, get a Cisco PIX 501 firewall for your home network. And if you're using DHCP, limit your address pool to the number of active systems on your LAN, and assign a long lease time.

[steplock]

I have the router firewall on - every computer is running AVG antivirus and Zone Alarm

Better safe than sorry - spoken by someone who has literally watched a virus go through a network - makes all the pretty lights blink as it worms around - all in a blink of an eye!

[Agnes Heep]

Go D-link--the product is more reliable.

I've got a D-link at home, and it runs very nicely with no problems. It's easy to configure, too. I don't run wireless because I've only got one device (as opposed to 500 or so on the network I maintain at work), but when my daughter visits she brings her D-Link wireless router and I just plug it into my D-Link firewall and she's good to go with her laptop.

[rintense]

I have a Linksys Wireless router with ZoneLabs Integrity firewall from work. Should I be concerned? How can I tell if the firewall is enabled? I went into the gateway address to see the settings, but the only setting showing were those if you had Zone Alarm and PC-Cillin.