Posted on 02/20/2007 6:19:29 PM PST by xcamel
Cisco Systems Inc. is warning users that nearly 80 of its routers are vulnerable to a hack tactic that got play last week.
Dubbed "drive-by pharming" by Symantec Corp. and university researchers who first publicized the danger in a paper, the attack involves luring users to malicious sites where a device's default password is used to redirect them to bogus sites. Once they are at those sites, their identities could be stolen or malware could be force-fed to their computers.
In an advisory posted Thursday, Cisco listed 77 vulnerable routers in the lines sold to small offices, home offices, branch offices and telecommuters. The advisory recommended that users change the default username and password required to access the router's configuration settings, and disable the device's HTTP server feature.
The paper, co-written by a Symantec researcher and two other researchers from Indiana University, urged a similar move by router owners.
"Owners of home routers who set a moderately secure password -- one that is non-default and non-trivial to guess -- are immune to router manipulation via JavaScript," the report read.
The researchers also argued that router makers should stop using blank or easy-to-guess passwords, such as "admin," and switch to the device's serial number. "This value, which is unique to each individual router, would comprise a very secure and unpredictable password," the report stated.
Didn't think this would be the problem. Could be your modem, too. And by design by provider.
I still have issues. I can get on FR (thank God) but I can't get on any homepage. I can ping any website and have a valid IP address but still there are...issues.
This has been a real learning experience for me. My "easy 30-minute setup" has consumed 2 days and 2 routers and 4 calls to various tech support.
I have more sympathy for the non-computer-literate masses now. If it's this difficult for me, it must be incomprehensible hell for dweebs.
Anyway, I feel relatively secure from neighborhood hackers. I changed the admin password, changed the router IP address, set up strong encryption, etc. Whew.
Most of the set up is automatic, i.e., the router automatically sets itself up. Otherwise, it is really difficult. I've never done it manually.
Sounds like you are having dns issues. In addition to pinging , try copying the below ip addresses and pasting them into your browser:
Google: 209.85.135.99
Free Republic: 209.157.64.200
If the web pages display, then your dns settings are wrong or none at all. This information (the domain name server(s)) is usually passed down to the router automatically from the modem/dsl network. If you have your router set up in automatic/dhcp mode (WAN side). It is always best to let the router automatically configure itself.
You can easily force ip addresses on the LAN side. However, for the best stability, and if you don't have a lot of practice, dhcp is the best way to go.
WAN = modem side of the router, dsl network
LAN = local area network (your side of the router).
Check list (procedure):
1. make sure both WAN and LAN sides of your router have dhcp set up. And/or configuration is automatic. You may have reset this if you forced it to manual before.
2. Turn your PC off, your router off, and your modem off.
3. Turn your modem on, wait 1 minute, turn your router on, wait 1 minute, then boot your PC.
If you were successful, then you should have full access to the internet.
Note: if you have done this a few times, you will know when the modem, router, etc. has booted by watching the lights.
Good Luck.
Tomorrow I'm going to get a new Linksys gigabit NIC and put it in. Parakeets up!
For got to mention... a couple more things to make your wifi a little more secure:
1. Don't broadcast your SSID. This puts your router in "stealth mode" -- it is more difficult for others to see your SSID. Others need your SSID in order to log onto your router and network. And if all of your neighbors broadcast theirs, they hackers will attack them first.
2. Enable/control access via the MAC id. There should be a table in your router that allows you to control who has access to your wifi network based on MAC ids. You will have to collect this information for each wireless PC on your network. The MAC id is a six set hex number that looks like below. It is your wireless card's physical/hardware address and can be found in your wireless configuration utility. No two MAC ids are alike.
00:34:67:AE:DF:05
Good luck.
That might do the trick. As I mentioned in post 37, I have had the same problem with one of my machines, with 3 different routers. One of these days I'll figure out which setting or condition is causing it.
FYI, I fixed the problem. I put in a Linksys 10/100 NIC, now works perfectly. The 6-yr-old ADMtek 983 NIC wasn't up to the job. End of problem.
Grats! I used to work at the phone company and the first thing I consider with any problems to do with DSL are the phone lines. Sometimes it's very finicky to setup, but after it's working it's pretty solid.
Good job.
Great!
For what its worth, every time you go through something like this, you learn a little bit more.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.