To: sigSEGV
Can you explain why a router maker would allow someone on the external internet to connect to the http interface? Surely, such a router should only allow a dhcp client to do this, and it should certainly know their IP addresses.
What is this stuff about malicious sites? Does that just give them an IP address to attack by trying to connect back to the router?
To: proxy_user
Can you explain why a router maker would allow someone on the external internet to connect to the http interface? Surely, such a router should only allow a dhcp client to do this, and it should certainly know their IP addresses.
They literally mean 'drive-by'. As in connecting to and controlling the router wirelessly and reflashing its firmware (or just reconfiguring it) to stage man-in-the-middle attacks. They're talking about your neighbors in high-rises and apartment buildings attacking you via the router. Or in public hotspots or airports.
There are a number of attacks occurring in airports too. People who have enabled XP's Peer-To-Peer networking service and who take advantage of a "Free Internet" hotspot are connecting to a pirate trying to plant stuff on their shared folders/drives or who are staging man-in-the-middle attacks when they connect to corporate/banking/shopping sites. Many of these attackers are operating currently in major airports, universites, etc.
Lock down your wireless laptop and your router.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson