Results 1 to 5 of 5
  1. #1
    iNET Interactive
    Join Date
    Jan 2010
    Location
    Seattle, WA, USA
    Posts
    380
    Thanks
    1
    Thanked 29 Times in 24 Posts



    IN THE WILD

    Home-router vulnerability revealed at Black Hat


    By Robert Vamosi

    A report delivered at the 2010 Black Hat security conference detailed how hackers can exploit a firmware flaw in some popular home/small-business routers.

    As if there were not enough ways to attack PCs, users should add this DNS vulnerability to their security checklist.

    The full text of this column is posted at WindowsSecrets.com/2010/09/23/07 (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.
    Last edited by revia; 2011-01-19 at 15:36.

  2. #2
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,483
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Heffner's router test code ("rebind") has no Windows useable Executable or Script which I can find. How does one run this test? I did manage to extract the files using 7-Zip. Windows 7 Home Premium, 64-bit, Google Chrome 6 browser. My router is an AT&T 2-Wire router. Its settings cannot be changed (due to ISP restrictions), and its firmware cannot be upgraded. No other Gateway is approved by SBC-Yahoo DSL, so I am stuck with this old router they supplied. SBC-Yahoo DSL Service does not permit the use of proxies like Open DNS.
    -- Bob Primak --

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    Maine
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Bob, there is no reason you cannot add another router in front of the AT&T supplied router which you could then control.

    And another choice for dns is ClearCloudDNS.com from Sunbelt-software - the company that sells Vipre anti-virus. ClearCloud blocks known bad sites. I've been testing it for a couple weeks and it seems to do a good job.

  4. #4
    New Lounger
    Join Date
    Mar 2002
    Posts
    9
    Thanks
    1
    Thanked 0 Times in 0 Posts
    The "Rebind" tool offered at the link provided in the article is for Linux systems only, and, from what I can tell, is not aimed at end users wanting to test their routers. The requirements:
    In order to use Rebind, you must have a registered domain name. You must also register your
    attack machine as a nameserver for your domain; this can be done through your registrar. See
    the docs/FAQ file for more information.

    Rebind is only supported on the Linux platform.

    Vamosi: "Heffner also recommends switching to OpenDNS."
    Vamosi: "Firefox users should also use the NoScript browser plug-in."
    While these two worthwhile recommendations, it should be noted:
    http://gunnyg.wordpr...le-to-web-hack/:"Potential fixes implemented in the free DNS replacement OpenDNS and the Firefox NoScript plug-in won't prevent his exploit, Heffner adds."
    (The original post at blogs.forbes.com can no longer be found, however it is in the Google cache.)

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    Fallston, MD
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    The link to the forbes blog doesn't work.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •