{"id":12584,"date":"2014-02-19T14:31:31","date_gmt":"2014-02-19T20:31:31","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=12584"},"modified":"2014-02-19T15:09:03","modified_gmt":"2014-02-19T21:09:03","slug":"home-routers-pose-biggest-consumer-cyberthreat","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=12584","title":{"rendered":"Home Routers Pose Biggest Consumer Cyberthreat"},"content":{"rendered":"

Of the small-office, home-office routers evaluated, every one could be compromised with relative ease by hijacking DNS connections, exploiting HTTPS flaws, weaknesses in Universal Plug and Play services, cross-site-scripting attacks, file-traversal and source-code vulnerabilities, weaknesses in WiFi Protected Setup (WPS), buffer overflows or simply bypassing authentication requirements.<\/p><\/blockquote>\n

via Home Routers Pose Biggest Consumer Cyberthreat<\/a>.<\/p>\n

During late 2013 and early 2014, gangs of Polish hackers have robbed thousands of consumers by attacking home routers and changing DNS settings so they point at the attackers\u2019 DNS servers rather than legitimate servers.<\/p><\/blockquote>\n

DNS is a big problem.\u00a0 Usually devices behind a SOHO router will receive their DNS info from the router via DHCP.\u00a0 The router has been configured by the owner using DNS settings from their ISP or they could use one of Google’s servers like 8.8.8.8.\u00a0 A user of their home network should expect a higher level of security unlike the open wifi people use on the road.<\/p>\n

The simplest remedy is never allow router management access from the Internet.\u00a0 This is usually turned off by default.\u00a0 Routers should be set and forget so using the maintenance interface should be a rare occurrence.\u00a0 The TP-LINK outlined here<\/a> requires a user to click a malicious link while in a management session according to this:<\/p>\n

\n

Attack Requirements<\/h2>\n